Improper Data Handling in Google Chrome Dial Registry

Improper Data Handling in Google Chrome Dial Registry

CVE-2016-5202 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS, before 54.0.2840.99 on Windows, and before 54.0.2840.100 on Linux neglects to copy a device ID before an erase() call, which causes the erase operation to access data that that erase operation will destroy.

Learn more about our Cis Benchmark Audit For Apple Macos.