CVE-2016-5174 in Ubuntu

CVE-2016-5174

Priority

Description

browser/ui/cocoa/browser_window_controller_private.mm in Google Chrome
before 53.0.2785.113 does not process fullscreen toggle requests during a
fullscreen transition, which allows remote attackers to cause a denial of
service (unsuppressed popup) via a crafted web site.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5174
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html

Bugs

https://crbug.com/579934

Notes

Package

Source: chromium-browser (LP Ubuntu Debian)

Upstream:	released (53.0.2785.113)
Ubuntu 14.04 ESM:	DNE (trusty was released [53.0.2785.143-0ubuntu0.14.04.1.1142])

Patches:

Package

Source: oxide-qt (LP Ubuntu Debian)

Upstream:	not-affected
Ubuntu 16.04 ESM:	not-affected
Ubuntu 14.04 ESM:	DNE (trusty was not-affected)

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 12:23:20 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)