Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2016-1669

Published: 14/05/2016 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Debian Linux

Vulnerability Summary

The Zone::New function in zone.cc in Google V8 prior to 5.0.71.47, as used in Google Chrome prior to 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote malicious users to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 8.0

google chrome

opensuse opensuse 13.1

google v8

nodejs node.js

canonical ubuntu linux 15.10

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

Vendor Advisories

Ubuntu Security Notice: oxide-qt vulnerabilities
Several security issues were fixed in Oxide ...
Red Hat: Important: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update
Synopsis Important: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update Type/Severity Security Advisory: Important Topic An update for rh-nodejs4-nodejs and rh-nodejs4-http-parser is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security i ...
Red Hat: Moderate: v8 security update
Synopsis Moderate: v8 security update Type/Severity Security Advisory: Moderate Topic An update for v8 is now available for Red Hat OpenStack Platform 100 (Newton)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score ...
Red Hat: Moderate: v8 security update
Synopsis Moderate: v8 security update Type/Severity Security Advisory: Moderate Topic An update for v8 is now available for Red Hat Enterprise Linux OpenStack Platform 70 (Kilo) for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring ...
Red Hat: Moderate: v8 security update
Synopsis Moderate: v8 security update Type/Severity Security Advisory: Moderate Topic An update for v8 is now available for Red Hat OpenStack Platform 80 (Liberty)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score ...
Red Hat: Important: Satellite 6.3 security, bug fix, and enhancement update
Synopsis Important: Satellite 63 security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat SatelliteRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...
Red Hat: Moderate: v8 security update
Synopsis Moderate: v8 security update Type/Severity Security Advisory: Moderate Topic An update for v8 is now available for Red Hat OpenStack Platform 90 (Mitaka)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

Recent Articles

DROWN-ing Xcode developer? Apple's thrown you a lifebelt
The Register • Richard Chirgwin • 30 Oct 2016

iCloud and iTunes on Windows also need patching

Apple has published security updates for Xcode, iCloud for Windows, and iTunes for Windows. Xcode 8.1 plugs holes the Xcode server inherited from Chrome, OpenSSL and node.js. Apple's announcement is here. There's a bunch of OpenSSL patches to start with: CVE-2015-6764 and CVE-2016-1669 are bugs inherited from Google Chrome code. CVE-2016-2086, CVE-2016-2216 and CVE-2015-8027 splat bugs in node.js. Cupertino has also updated iCloud for Windows against two bugs: CVE-2016-4613, reported by Google s...

Read more...

References

CWE-119http://www.securityfocus.com/bid/90584https://access.redhat.com/errata/RHSA-2017:0880http://www.securitytracker.com/id/1035872http://rhn.redhat.com/errata/RHSA-2016-1080.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.htmlhttps://access.redhat.com/errata/RHSA-2017:0881https://codereview.chromium.org/1945313002https://access.redhat.com/errata/RHSA-2018:0336https://access.redhat.com/errata/RHSA-2017:0882http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.htmlhttp://www.debian.org/security/2016/dsa-3590http://www.ubuntu.com/usn/USN-2960-1https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/https://crbug.com/606115https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541https://access.redhat.com/errata/RHSA-2017:0879http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.htmlhttp://lists.opensuse.org/opensuse-updates/2016-07/msg00063.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.htmlhttps://security.gentoo.org/glsa/201605-02https://usn.ubuntu.com/2960-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook