Google Chrome Race Condition Vulnerability (CVE-2016-1670)
Google Chrome Race Condition Vulnerability (CVE-2016-1670)
Release date:
Updated on:
Affected Systems:
Google Chrome <50.0.2661.102
Description:
CVE (CAN) ID: CVE-2016-1670
Google Chrome is a Web browser tool developed by Google.
In versions earlier than Google Chrome 50.0.2661.102, the content/browser/loader/resource_dispatcher_host_impl.cc/ResourceDispatcherHostImpl: The BeginRequest function has a race condition. Remote attackers can access the Renderer process and reuse the Request ID, any http request can be made.
<* Source: Google
*>
Suggestion:
Vendor patch:
Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
Https://crbug.com/578882
Https://codereview.chromium.org/1608573002
This article permanently updates the link address: