Search for vulnerabilities
Vulnerability details: VCID-zade-1t4e-aaag
Vulnerability ID VCID-zade-1t4e-aaag
Aliases CVE-2016-1654
Summary The media subsystem in Google Chrome before 50.0.2661.75 does not initialize an unspecified data structure, which allows remote attackers to cause a denial of service (invalid read operation) via unknown vectors.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
generic_textual Medium http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1654.html
rhas Important https://access.redhat.com/errata/RHSA-2016:0638
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.01780 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.02681 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.0306 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
epss 0.03078 https://api.first.org/data/v1/epss?cve=CVE-2016-1654
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1327112
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1651
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1652
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1653
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1654
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1655
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1657
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1658
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1659
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2016-1654
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2016-1654
generic_textual Medium https://ubuntu.com/security/notices/USN-2955-1
Reference id Reference type URL
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1654.html
http://rhn.redhat.com/errata/RHSA-2016-0638.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1654.json
https://api.first.org/data/v1/epss?cve=CVE-2016-1654
https://crbug.com/589512
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1651
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1653
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1659
https://security.gentoo.org/glsa/201605-02
https://ubuntu.com/security/notices/USN-2955-1
http://www.debian.org/security/2016/dsa-3549
http://www.ubuntu.com/usn/USN-2955-1
1327112 https://bugzilla.redhat.com/show_bug.cgi?id=1327112
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
CVE-2016-1654 https://nvd.nist.gov/vuln/detail/CVE-2016-1654
RHSA-2016:0638 https://access.redhat.com/errata/RHSA-2016:0638
USN-2955-1 https://usn.ubuntu.com/2955-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1654
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1654
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.88428
EPSS Score 0.01780
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.