CVE-2016-1647

Description

Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

1.286

Associated Vulnerability

Vulnerability	OS Platform
Update for Google Chrome (45.0.2454.93)	Windows
Update for Google Chrome x64 (45.0.2454.93)	Windows
Update for Google Chrome (45.0.2454.99)	Windows
Update for Google Chrome x64 (45.0.2454.99)	Windows
Update for Google Chrome (48.0.2564.97)	Windows
Update for Google Chrome x64 (48.0.2564.97)	Windows
Update for Google Chrome (49.0.2623.108)	Windows
Update for Google Chrome x64 (49.0.2623.108)	Windows
Updates for Google Chrome (66.0.3359.170)	Windows
Updates for Google Chrome (x64) (66.0.3359.170)	Windows
Updates for Google Chrome (66.0.3359.181)	Windows
Updates for Google Chrome (x64) (66.0.3359.181)	Windows
Updates for Google Chrome (67.0.3396.62)	Windows
Updates for Google Chrome (x64) (67.0.3396.62)	Windows
Updates for Google Chrome (67.0.3396.79)	Windows
Updates for Google Chrome (x64) (67.0.3396.79)	Windows
Updates for Google Chrome (67.0.3396.87)	Windows
Updates for Google Chrome (x64) (67.0.3396.87)	Windows
Google Chrome (67.0.3396.99)	Windows
Google Chrome (x64) (67.0.3396.99)	Windows
Vulnerabilities CVE-2016-1646,CVE-2016-1647,CVE-2016-1648,CVE-2016-1649,CVE-2016-1650 are fixed in Update for Google Chrome For Mac (49.0.2623.108)	Mac
Web browser engine for Qt (QML plugin) (USN-2920-1) liboxideqtcore0_1.14.7-0ubuntu1_i386.deb	Linux
Update for Google Chrome (45.0.2454.93) (For Ubuntu)	Linux
Update for Google Chrome (45.0.2454.99) (For Ubuntu)	Linux
Update for Google Chrome (48.0.2564.97) (For Ubuntu)	Linux
Update for Google Chrome (49.0.2623.108) (For Ubuntu)	Linux
Updates for Google Chrome (66.0.3359.170) (For Ubuntu)	Linux
Update for Google Chrome (45.0.2454.93) (For Debian)	Linux
Update for Google Chrome (45.0.2454.99) (For Debian)	Linux
Update for Google Chrome (48.0.2564.97) (For Debian)	Linux
Update for Google Chrome (49.0.2623.108) (For Debian)	Linux
Updates for Google Chrome (66.0.3359.170) (For Debian)	Linux
Updates for Google Chrome (66.0.3359.181) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.62) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.79) (For Debian)	Linux
Updates for Google Chrome (67.0.3396.87) (For Debian)	Linux
Google Chrome (67.0.3396.99) (For Debian)	Linux
Update for Google Chrome (45.0.2454.93) (For Centos)	Linux
Update for Google Chrome (45.0.2454.99) (For Centos)	Linux
Update for Google Chrome (48.0.2564.97) (For Centos)	Linux
Update for Google Chrome (49.0.2623.108) (For Centos)	Linux
Updates for Google Chrome (66.0.3359.170) (For Centos)	Linux
Updates for Google Chrome (66.0.3359.181) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.62) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.79) (For Centos)	Linux
Updates for Google Chrome (67.0.3396.87) (For Centos)	Linux
Google Chrome (67.0.3396.99) (For Centos)	Linux
Update for Google Chrome (45.0.2454.93) (For RedHat)	Linux
Update for Google Chrome (45.0.2454.99) (For RedHat)	Linux
Update for Google Chrome (48.0.2564.97) (For RedHat)	Linux
Update for Google Chrome (49.0.2623.108) (For RedHat)	Linux
Updates for Google Chrome (66.0.3359.170) (For RedHat)	Linux
Updates for Google Chrome (66.0.3359.181) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.62) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.79) (For RedHat)	Linux
Updates for Google Chrome (67.0.3396.87) (For RedHat)	Linux
Google Chrome (67.0.3396.99) (For RedHat)	Linux
Update for Google Chrome (45.0.2454.93) (For Suse)	Linux
Update for Google Chrome (45.0.2454.99) (For Suse)	Linux
Update for Google Chrome (48.0.2564.97) (For Suse)	Linux
Update for Google Chrome (49.0.2623.108) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.170) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.181) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.62) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.79) (For Suse)	Linux
Updates for Google Chrome (67.0.3396.87) (For Suse)	Linux
Google Chrome (67.0.3396.99) (For Suse)	Linux
Updates for Google Chrome (66.0.3359.181) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.62) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.79) (For Ubuntu)	Linux
Updates for Google Chrome (67.0.3396.87) (For Ubuntu)	Linux
Google Chrome (67.0.3396.99) (For Ubuntu)	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-302553	Update for Google Chrome x64 (45.0.2454.93)
PATCH-302561	Update for Google Chrome (45.0.2454.99)
PATCH-302562	Update for Google Chrome x64 (45.0.2454.99)
PATCH-303145	Update for Google Chrome (48.0.2564.97)
PATCH-303146	Update for Google Chrome x64 (48.0.2564.97)
PATCH-303330	Update for Google Chrome (49.0.2623.108)
PATCH-303331	Update for Google Chrome x64 (49.0.2623.108)
PATCH-307513	Updates for Google Chrome (66.0.3359.170)
PATCH-307515	Updates for Google Chrome (x64) (66.0.3359.170)
PATCH-307534	Updates for Google Chrome (66.0.3359.181)
PATCH-307535	Updates for Google Chrome (x64) (66.0.3359.181)
PATCH-307607	Updates for Google Chrome (67.0.3396.62)
PATCH-307608	Updates for Google Chrome (x64) (67.0.3396.62)
PATCH-307641	Updates for Google Chrome (67.0.3396.79)
PATCH-307644	Updates for Google Chrome (x64) (67.0.3396.79)
PATCH-307660	Updates for Google Chrome (67.0.3396.87)
PATCH-307662	Updates for Google Chrome (x64) (67.0.3396.87)
PATCH-307715	Google Chrome (67.0.3396.99)
PATCH-307716	Google Chrome (x64) (67.0.3396.99)
PATCH-609673	Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234