CVE-2016-1669

HIGH

Google V8 <5.0.71.47 - Buffer Overflow

Title source: llm

Description

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Exploits (1)

github NO CODE 31 stars
by OpenSISE · cpoc
https://github.com/OpenSISE/CVE_PoC_Collect/tree/master/Browser/CVE-2016-1669.html

References (22)

Scores

CVSS v3 8.8
EPSS 0.0163
EPSS Percentile 81.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-119
Status draft

Affected Products (10)

debian/debian_linux
google/chrome < 50.0.2661.87
opensuse/opensuse
google/v8 < 5.0.71
nodejs/node.js < 0.10.46
nodejs/node.js < 4.1.2
nodejs/node.js < 4.4.6
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux

Timeline

Published May 14, 2016
Tracked Since Feb 18, 2026