High severity8.8NVD Advisory· Published Jul 23, 2016· Updated May 6, 2026
CVE-2016-5136
CVE-2016-5136
Description
Use-after-free vulnerability in extensions/renderer/user_script_injector.cc in the Extensions subsystem in Google Chrome before 52.0.2743.82 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to script deletion.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- googlechromereleases.blogspot.com/2016/07/stable-channel-update.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-1485.htmlnvd
- www.debian.org/security/2016/dsa-3637nvd
- www.securityfocus.com/bid/92053nvd
- www.securitytracker.com/id/1036428nvd
- codereview.chromium.org/2116923002/nvd
- codereview.chromium.org/2134613002/nvd
- crbug.com/625393nvd
- security.gentoo.org/glsa/201610-09nvd
News mentions
0No linked articles in our index yet.