CVE-2016-1709

Priority
Description
Heap-based buffer overflow in the ByteArray::Get method in
data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google
Chrome before 52.0.2743.82, allows remote attackers to cause a denial of
service or possibly have unspecified other impact via a crafted SFNT font.
Notes
Package
Upstream:released (52.0.2743.82)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [52.0.2743.116-0ubuntu0.14.04.1.1134])
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.2743.116-0ubuntu0.16.04.1.1250)
Package
Upstream:not-affected
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
More Information

Updated: 2020-01-29 19:54:34 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)