uri.js in Google V8 prior to 5.1.281.26, as used in Google Chrome prior to 51.0.2704.63, uses an incorrect array type, which allows remote malicious users to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
debian debian linux 8.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 15.10 |
||
redhat enterprise linux desktop 6.0 |
||
canonical ubuntu linux 14.04 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
suse linux enterprise 12.0 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |
||
google v8 |