CVE-2016-1646

Опубликовано: 29 мар. 2016

Источник: nvd

CVSS3: 8.8

CVSS2: 9.3

EPSS Средний

Описание

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.

Ссылки

http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
Release Notes
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0525.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3531
Mailing List
Third Party Advisory
http://www.securitytracker.com/id/1035423
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2955-1
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=594574
Exploit
Issue Tracking
Mailing List
https://codereview.chromium.org/1804963002/
Patch
https://security.gentoo.org/glsa/201605-02
Third Party Advisory
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
Release Notes
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0525.html
Third Party Advisory
http://www.debian.org/security/2016/dsa-3531
Mailing List
Third Party Advisory
http://www.securitytracker.com/id/1035423
Broken Link
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2955-1
Third Party Advisory
https://code.google.com/p/chromium/issues/detail?id=594574
Exploit
Issue Tracking
Mailing List

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Конфигурация 3

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 49.0.2623.108 (исключая)

Конфигурация 4

Одно из

cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Конфигурация 5

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.68652

Средний

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2016-1646

CVSS3: 8.8

ubuntu

почти 10 лет назад

CVE-2016-1646

redhat

почти 10 лет назад

CVE-2016-1646

CVSS3: 8.8

debian

почти 10 лет назад

The Array.prototype.concat implementation in builtins.cc in Google V8, ...

GHSA-93cg-vfx4-pxr4

CVSS3: 8.8

github

больше 3 лет назад

BDU:2016-00915

fstec

почти 10 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие

EPSS

Процентиль: 99%

0.68652

Средний

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-125