A timing attack on denormalized floating point arithmetic in SVG filters in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to bypass the Same Origin Policy via a crafted HTML page.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2017-01-19T05:43:00

Updated: 2024-08-06T00:53:48.614Z

Reserved: 2016-05-31T00:00:00

Link: CVE-2016-5224

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-01-19T05:59:01.057

Modified: 2024-11-21T02:53:52.550

Link: CVE-2016-5224

cve-icon Redhat

Severity : Low

Publid Date: 2016-12-01T00:00:00Z

Links: CVE-2016-5224 - Bugzilla