The Autofill implementation in Google Chrome before 51.0.2704.63 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1701.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Debian_linux | Debian | 8.0 | 8.0 |
Enterprise_linux_desktop | Redhat | 6.0 | 6.0 |
Enterprise_linux_server | Redhat | 6.0 | 6.0 |
Enterprise_linux_workstation | Redhat | 6.0 | 6.0 |
Linux_enterprise | Suse | 12.0 | 12.0 |
Leap | Opensuse | 42.1 | 42.1 |
Opensuse | Opensuse | 13.2 | 13.2 |