CVE-2016-5174

NameCVE-2016-5174
Descriptionbrowser/ui/cocoa/browser_window_controller_private.mm in Google Chrome before 53.0.2785.113 does not process fullscreen toggle requests during a fullscreen transition, which allows remote attackers to cause a denial of service (unsuppressed popup) via a crafted web site.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-3667-1

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
chromium-browsersourcewheezy(unfixed)end-of-life
chromium-browsersourcejessie53.0.2785.113-1~deb8u1DSA-3667-1
chromium-browsersource(unstable)53.0.2785.113-1

Notes

[wheezy] - chromium-browser <end-of-life> (Not supported in Wheezy)

Search for package or bug name: Reporting problems