6.8
CVSSv2

CVE-2016-5198

Published: 19/01/2017 Updated: 05/01/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

V8 in Google Chrome before 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote malicious user to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.

Affected Products

Vendor Product Versions
GoogleChrome54.0.2840.71

Vendor Advisories

Synopsis Important: chromium-browser security update Type/Severity Security Advisory: Important Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...
Several security issues were fixed in Oxide ...
V8 in Google Chrome prior to 540284090 for Linux, and 540284085 for Android, and 540284087 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page ...
An out of bounds memory access flaw was found in the V8 component of the Chromium browser ...
Arch Linux Security Advisory ASA-201612-18 ========================================== Severity: Critical Date : 2016-12-17 CVE-ID : CVE-2016-5133 CVE-2016-5147 CVE-2016-5153 CVE-2016-5155 CVE-2016-5161 CVE-2016-5166 CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5181 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 C ...

Github Repositories

Case Study of JavaScript Engine Vulnerabilities V8 CVE Number Feature Keywords Credit CVE-2013-6632 TypedArray Integer Overflow, OOB Pinkie Pie CVE-2014-1705 TypedArray Invalid Array Length, OOB geohot CVE-2014-3176 Arrayconcat Side Effect, OOB lokihardt CVE-2014-7927 Optimization asmjs, OOB Christian Holler CVE-2014-7928 Optimization Array Christian Holler C

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :