Endpoint Vulnerability

Security Vulnerability CVE-2016-1670 for Google Chrome

Description

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.

Affected Products

Google Chrome

References

CVE-2016-1670,