Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-6763. PoCs published by Google Security Research.
AI-analyzed exploit summary Integer overflow in vcdiff format parsing in Chrome's SDCH decoding leads to out-of-bounds memory access on 32-bit systems. The PoC demonstrates a crash via crafted section lengths in the delta encoding header.
Description
Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoslinux_x86
https://www.exploit-db.com/exploits/38763
Integer overflow in vcdiff format parsing in Chrome's SDCH decoding leads to out-of-bounds memory access on 32-bit systems. The PoC demonstrates a crash via crafted section lengths in the delta encoding header.
Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target:
Google Chrome 47.0.2499.0 (32-bit)
No auth needed
Prerequisites:
32-bit system · SDCH-enabled Chrome · Hosted on a legitimate domain (localhost not supported)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (22)
Core 22
Core References
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=529520
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/38763/
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=529310
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/77071
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=522128
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=512053
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3376
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=522131
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=529530
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=528799
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=516690
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=527423
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=542517
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201603-09
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033816
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2770-1
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1912.html
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=528798
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2770-2
Issue Tracking x_refsource_confirm
https://code.google.com/p/chromium/issues/detail?id=525763
Scores
EPSS
0.0697
EPSS Percentile
93.3%
Details
Status
published
Products (1)
google/chrome
< 45.0.2454.101
Published
Oct 15, 2015
Tracked Since
Feb 18, 2026