Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-1624

Опубликовано: 14 фев. 2016
Источник: debian

Описание

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
chromium-browserfixed48.0.2564.116-1package
chromium-browserend-of-lifewheezypackage
chromium-browserend-of-lifesqueezepackage
brotlifixed0.3.0+dfsg-3package

Примечания

  • https://codereview.chromium.org/1662313002

  • https://codereview.chromium.org/1662313002/diff/1/third_party/brotli/dec/decode.c

  • Same fix/change as for CVE-2016-1968

Связанные уязвимости

ubuntu логотип

CVE-2016-1624

CVSS3: 8.8
ubuntu
почти 10 лет назад

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

redhat логотип

CVE-2016-1624

redhat
почти 10 лет назад

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

nvd логотип

CVE-2016-1624

CVSS3: 8.8
nvd
почти 10 лет назад

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

github логотип

GHSA-5mx7-hhwx-7mq8

CVSS3: 8.8
github
больше 3 лет назад

Integer underflow in the ProcessCommandsInternal function in dec/decode.c in Brotli, as used in Google Chrome before 48.0.2564.109, allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted data with brotli compression.

fstec логотип

BDU:2016-00532

fstec
почти 10 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие