CVE-2016-1677

MEDIUM

Google V8 <5.1.281.26 - Info Disclosure

Title source: llm

Description

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

Exploits (1)

github NO CODE 31 stars

by OpenSISE · cpoc

https://github.com/OpenSISE/CVE_PoC_Collect/tree/master/Browser/CVE-2016-1677.html

View Code ZIP pw:eip

References (12)

[Patch] https://codereview.chromium.org/1936083002

[Release Notes, Vendor Advisory] http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1035981

[Vendor Advisory] http://www.ubuntu.com/usn/USN-2992-1

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2016:1190

[Issue Tracking] https://crbug.com/602970

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/90876

[Third Party Advisory] http://www.debian.org/security/2016/dsa-3590

[Third Party Advisory] https://security.gentoo.org/glsa/201607-07

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

Scores

CVSS v3 6.5

EPSS 0.1263

EPSS Percentile 93.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200

Status draft

Affected Products (12)

google/chrome < 50.0.2661.102

canonical/ubuntu_linux

debian/debian_linux

opensuse/leap

opensuse/opensuse

redhat/enterprise_linux_desktop

redhat/enterprise_linux_server

redhat/enterprise_linux_workstation

suse/linux_enterprise

google/v8 < 5.1.281

Timeline

Published Jun 05, 2016

Tracked Since Feb 18, 2026