CVE-2016-1665

MEDIUM

Google V8 <50.0.2661.94 - Info Disclosure

Title source: llm

Description

The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

Exploits (1)

github NO CODE 31 stars

by OpenSISE · cpoc

https://github.com/OpenSISE/CVE_PoC_Collect/tree/master/Browser/CVE-2016-1665.html

View Code ZIP pw:eip

References (12)

[Patch] https://codereview.chromium.org/1925463003

[Vendor Advisory] http://rhn.redhat.com/errata/RHSA-2016-0707.html

[Release Notes, Vendor Advisory] http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html

[Vendor Advisory] http://www.ubuntu.com/usn/USN-2960-1

[Issue Tracking] https://crbug.com/606181

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/89106

[Third Party Advisory] http://www.debian.org/security/2016/dsa-3564

[Third Party Advisory] https://security.gentoo.org/glsa/201605-02

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html

Scores

CVSS v3 6.5

EPSS 0.0160

EPSS Percentile 81.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE

CWE-20

Status draft

Affected Products (6)

opensuse/opensuse

redhat/enterprise_linux_desktop_supplementary

redhat/enterprise_linux_server_supplementary

redhat/enterprise_linux_server_supplementary_eus

redhat/enterprise_linux_workstation_supplementary

google/chrome < 50.0.2661.87

Timeline

Published May 14, 2016

Tracked Since Feb 18, 2026