← back
CVE-2016-7395

CVE-2016-7395

EPSS 1.1%
SkPath.cpp in Skia, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, does not properly validate the return values of ChopMonoAtY calls, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via crafted graphics data.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://codereview.chromium.org/2006143009https://crbug.com/613918https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.htmlhttp://www.debian.org/security/2016/dsa-3667http://www.securityfocus.com/bid/92717