CVE-2016-5161 (retired)

Priority
Description
The EditingStyle::mergeStyle function in
WebKit/Source/core/editing/EditingStyle.cpp in Blink, as used in Google
Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on
Linux, mishandles custom properties, which allows remote attackers to cause
a denial of service or possibly have unspecified other impact via a crafted
web site that leverages "type confusion" in the StylePropertySerializer
class.
Package
Upstream:released (53.0.2785.92)
Ubuntu 16.04 LTS (Xenial Xerus):released (53.0.2785.143-0ubuntu0.16.04.1.1254)
Package
Upstream:released (1.17.6)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.17.7-0ubuntu0.16.04.1)
More Information

Updated: 2019-09-19 15:58:32 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)