CVE-2016-1677

MEDIUM

Google V8 <5.1.281.26 - Info Disclosure

Title source: llm

Description

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

Exploits (1)

github NO CODE 31 stars

by OpenSISE · cpoc

https://github.com/OpenSISE/CVE_PoC_Collect/tree/master/Browser/CVE-2016-1677.html

View Code ZIP pw:eip

References (12)

[Issue Tracking] https://crbug.com/602970

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/90876

[Patch] https://codereview.chromium.org/1936083002

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1035981

[Third Party Advisory] http://www.debian.org/security/2016/dsa-3590

[Release Notes, Vendor Advisory] http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

[Vendor Advisory] http://www.ubuntu.com/usn/USN-2992-1

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2016:1190

[Third Party Advisory] https://security.gentoo.org/glsa/201607-07

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

Scores

CVSS v3 6.5

EPSS 0.1263

EPSS Percentile 94.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (12)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 15.10

canonical/ubuntu_linux 16.04

debian/debian_linux 8.0

google/chrome < 50.0.2661.102

google/v8 < 5.1.281

opensuse/leap 42.1

opensuse/opensuse 13.2

redhat/enterprise_linux_desktop 6.0

redhat/enterprise_linux_server 6.0

... and 2 more

Published Jun 05, 2016

Tracked Since Feb 18, 2026