6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.013 Low
EPSS
Percentile
85.9%
Google Chrome Releases reports:
Several security fixes in this release, including:
[641101] High CVE-2016-5170: Use after free in Blink.Credit to
Anonymous
[643357] High CVE-2016-5171: Use after free in Blink. Credit to
Anonymous
[616386] Medium CVE-2016-5172: Arbitrary Memory Read in v8.
Credit to Choongwoo Han
[468931] Medium CVE-2016-5173: Extension resource access.
Credit to Anonymous
[579934] Medium CVE-2016-5174: Popup not correctly suppressed.
Credit to Andrey Kovalev (@L1kvID) Yandex Security Team
[646394] CVE-2016-5175: Various fixes from internal audits,
fuzzing and other initiatives.
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.013 Low
EPSS
Percentile
85.9%