CVE-2016-1639

Description

Use-after-free vulnerability in browser/extensions/api/webrtc_audio_private/webrtc_audio_private_api.cc in the WebRTC Audio Private API implementation in Google Chrome before 49.0.2623.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect reliance on the resource context pointer.

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

5.701

Associated Vulnerability

Vulnerability	OS Platform
Update for Google Chrome (45.0.2454.93)	Windows
Update for Google Chrome x64 (45.0.2454.93)	Windows
Update for Google Chrome (45.0.2454.99)	Windows
Update for Google Chrome x64 (45.0.2454.99)	Windows
Update for Google Chrome (48.0.2564.97)	Windows
Update for Google Chrome x64 (48.0.2564.97)	Windows
Update for Google Chrome (49.0.2623.75)	Windows
Update for Google Chrome x64 (49.0.2623.75)	Windows
Updates for Google Chrome (66.0.3359.170)	Windows
Updates for Google Chrome (x64) (66.0.3359.170)	Windows
Updates for Google Chrome (66.0.3359.181)	Windows
Updates for Google Chrome (x64) (66.0.3359.181)	Windows
Updates for Google Chrome (67.0.3396.62)	Windows
Updates for Google Chrome (x64) (67.0.3396.62)	Windows
Updates for Google Chrome (67.0.3396.79)	Windows
Updates for Google Chrome (x64) (67.0.3396.79)	Windows
Updates for Google Chrome (67.0.3396.87)	Windows
Updates for Google Chrome (x64) (67.0.3396.87)	Windows
Google Chrome (67.0.3396.99)	Windows
Google Chrome (x64) (67.0.3396.99)	Windows
Multiple vulnerabilities are fixed in Update for Google Chrome For Mac (49.0.2623.75)	Mac
Update for Google Chrome (45.0.2454.93) (For Ubuntu)	Linux
Update for Google Chrome (45.0.2454.99) (For Ubuntu)	Linux
Update for Google Chrome (48.0.2564.97) (For Ubuntu)	Linux
Update for Google Chrome (49.0.2623.75) (For Ubuntu)	Linux
Updates for Google Chrome (66.0.3359.170) (For Ubuntu)	Linux
Update for Google Chrome (45.0.2454.93) (For Debian)	Linux
Update for Google Chrome (45.0.2454.99) (For Debian)	Linux
Update for Google Chrome (48.0.2564.97) (For Debian)	Linux
Update for Google Chrome (49.0.2623.75) (For Debian)	Linux
Updates for Google Chrome (66.0.3359.170) (For Debian)	Linux
Updates for Google Chrome (66.0.3359.181) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.62) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.79) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.87) (For Debian)	Linux
Google Chrome (67.0.3396.99) (For Debian)	Linux
Update for Google Chrome (45.0.2454.93) (For Centos)	Linux
Update for Google Chrome (45.0.2454.99) (For Centos)	Linux
Update for Google Chrome (48.0.2564.97) (For Centos)	Linux
Update for Google Chrome (49.0.2623.75) (For Centos)	Linux
Updates for Google Chrome (66.0.3359.170) (For Centos)	Linux
Updates for Google Chrome (66.0.3359.181) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.62) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.79) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.87) (For Centos)	Linux
Google Chrome (67.0.3396.99) (For Centos)	Linux
Update for Google Chrome (45.0.2454.93) (For RedHat)	Linux
Update for Google Chrome (45.0.2454.99) (For RedHat)	Linux
Update for Google Chrome (48.0.2564.97) (For RedHat)	Linux
Update for Google Chrome (49.0.2623.75) (For RedHat)	Linux
Updates for Google Chrome (66.0.3359.170) (For RedHat)	Linux
Updates for Google Chrome (66.0.3359.181) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.62) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.79) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.87) (For RedHat)	Linux
Google Chrome (67.0.3396.99) (For RedHat)	Linux
Update for Google Chrome (45.0.2454.93) (For Suse)	Linux
Update for Google Chrome (45.0.2454.99) (For Suse)	Linux
Update for Google Chrome (48.0.2564.97) (For Suse)	Linux
Update for Google Chrome (49.0.2623.75) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.170) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.181) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.62) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.79) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.87) (For Suse)	Linux
Google Chrome (67.0.3396.99) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.181) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.62) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.79) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.87) (For Ubuntu)	Linux
Google Chrome (67.0.3396.99) (For Ubuntu)	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-302553	Update for Google Chrome x64 (45.0.2454.93)
PATCH-302561	Update for Google Chrome (45.0.2454.99)
PATCH-302562	Update for Google Chrome x64 (45.0.2454.99)
PATCH-303145	Update for Google Chrome (48.0.2564.97)
PATCH-303146	Update for Google Chrome x64 (48.0.2564.97)
PATCH-303256	Update for Google Chrome (49.0.2623.75)
PATCH-303257	Update for Google Chrome x64 (49.0.2623.75)
PATCH-307513	Updates for Google Chrome (66.0.3359.170)
PATCH-307515	Updates for Google Chrome (x64) (66.0.3359.170)
PATCH-307534	Updates for Google Chrome (66.0.3359.181)
PATCH-307535	Updates for Google Chrome (x64) (66.0.3359.181)
PATCH-307607	Updates for Google Chrome (67.0.3396.62)
PATCH-307608	Updates for Google Chrome (x64) (67.0.3396.62)
PATCH-307641	Updates for Google Chrome (67.0.3396.79)
PATCH-307644	Updates for Google Chrome (x64) (67.0.3396.79)
PATCH-307660	Updates for Google Chrome (67.0.3396.87)
PATCH-307662	Updates for Google Chrome (x64) (67.0.3396.87)
PATCH-307715	Google Chrome (67.0.3396.99)
PATCH-307716	Google Chrome (x64) (67.0.3396.99)
PATCH-609673	Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234