The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome prior to 47.0.2526.73, improperly loads array elements, which allows remote malicious users to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
nodejs node.js |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
iCloud and iTunes on Windows also need patching
Apple has published security updates for Xcode, iCloud for Windows, and iTunes for Windows. Xcode 8.1 plugs holes the Xcode server inherited from Chrome, OpenSSL and node.js. Apple's announcement is here. There's a bunch of OpenSSL patches to start with: CVE-2015-6764 and CVE-2016-1669 are bugs inherited from Google Chrome code. CVE-2016-2086, CVE-2016-2216 and CVE-2015-8027 splat bugs in node.js. Cupertino has also updated iCloud for Windows against two bugs: CVE-2016-4613, reported by Google s...
DoS bug fix coming
Update: Patch delayed to include coming SSH fix Sysadmins: within around the next 24 to 48 hours, watch out for an upcoming update to node.js to cover off a couple of vulnerabilities. The most serious, CVE-2015-8027, is a remotely-exploitable denial-of-service (DoS) bug that the node.js Foundation is keeping embargoed until the patch is issued. The DoS bug affects all versions of v0.12.x through to v5.x, but not versions 0.10.x. The second, CVE-2015-6764, is an out-of-bounds access vulnerability...