9.3

CVE-2016-1646

Warning
Exploit

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.

Data is provided by the National Vulnerability Database (NVD)
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version15.10
CanonicalUbuntu Linux Version16.04 SwEditionesm
GoogleChrome Version < 49.0.2623.108
SusePackage Hub Version-
OpensuseLeap Version42.1
OpensuseOpensuse Version13.1
RedhatEnterprise Linux Eus Version6.7

08.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Google Chromium V8 Out-of-Bounds Read Vulnerability

Vulnerability

Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.

Description

Apply updates per vendor instructions.

Required actions
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 71.72% 0.987
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.debian.org/security/2016/dsa-3531
Third Party Advisory
Mailing List
http://www.securitytracker.com/id/1035423
Third Party Advisory
Broken Link
VDB Entry