CVE-2016-1669

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

References

http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html

http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html

http://rhn.redhat.com/errata/RHSA-2016-1080.html

http://rhn.redhat.com/errata/RHSA-2017-0002.html

http://www.debian.org/security/2016/dsa-3590

http://www.securityfocus.com/bid/90584

http://www.securitytracker.com/id/1035872

http://www.ubuntu.com/usn/USN-2960-1

https://access.redhat.com/errata/RHSA-2017:0879

https://access.redhat.com/errata/RHSA-2017:0880

https://access.redhat.com/errata/RHSA-2017:0881

https://access.redhat.com/errata/RHSA-2017:0882

https://access.redhat.com/errata/RHSA-2018:0336

https://codereview.chromium.org/1945313002

https://crbug.com/606115

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

https://lists.fedoraproject.org/archives/list/[email protected]/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/

https://lists.fedoraproject.org/archives/list/[email protected]/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/

https://security.gentoo.org/glsa/201605-02

Details

Source: MITRE

Published: 2016-05-14

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 50.0.2661.87 (inclusive)

Configuration 3

OR

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:google:v8:*:*:*:*:*:*:*:* versions up to 5.0.71 (inclusive)

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
107053RHEL 7 : Satellite Server (RHSA-2018:0336)NessusRed Hat Local Security Checks
high
94935Apple Xcode < 8.1 Node.js Multiple RCE (macOS)NessusMacOS X Local Security Checks
critical
94002openSUSE Security Update : nodejs (openSUSE-2016-1172)NessusSuSE Local Security Checks
high
92830Fedora 23 : 1:v8 (2016-6fd3131c03)NessusFedora Local Security Checks
high
92812Fedora 24 : 1:v8 (2016-e720bc8451)NessusFedora Local Security Checks
high
92488openSUSE Security Update : nodejs (openSUSE-2016-884)NessusSuSE Local Security Checks
high
91848openSUSE Security Update : Chromium (openSUSE-2016-756)NessusSuSE Local Security Checks
critical
9371Google Chrome < 50.0.2661.102 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
91429Debian DSA-3590-1 : chromium-browser - security updateNessusDebian Local Security Checks
high
91371FreeBSD : chromium -- multiple vulnerabilities (4dfafa16-24ba-11e6-bd31-3065ec8fd3ec)NessusFreeBSD Local Security Checks
high
91257Ubuntu 14.04 LTS / 15.10 / 16.04 LTS : oxide-qt vulnerabilities (USN-2960-1)NessusUbuntu Local Security Checks
critical
91177openSUSE Security Update : Chromium (openSUSE-2016-584)NessusSuSE Local Security Checks
high
91176GLSA-201605-02 : Chromium: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
91157RHEL 6 : chromium-browser (RHSA-2016:1080)NessusRed Hat Local Security Checks
high
91129Google Chrome < 50.0.2661.102 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
91128Google Chrome < 50.0.2661.102 Multiple VulnerabilitiesNessusWindows
critical