6.8
CVSSv2

CVE-2017-5053

Published: 27/10/2017 Updated: 03/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.6 | Impact Score: 6 | Exploitability Score: 2.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

An out-of-bounds read in V8 in Google Chrome before 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.

Vulnerability Trend

Vendor Advisories

Synopsis Critical: chromium-browser security update Type/Severity Security Advisory: Critical Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scor ...
An out-of-bounds read in V8 in Google Chrome prior to 5702987133 for Linux, Windows, and Mac, and 5702987132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to ArrayprototypeindexOf ...
An out of bounds memory access vulnerability has been found in the V8 component of the Chromium browser ...
Arch Linux Security Advisory ASA-201703-19 ========================================== Severity: Critical Date : 2017-03-31 CVE-ID : CVE-2017-5052 CVE-2017-5053 CVE-2017-5054 CVE-2017-5055 CVE-2017-5056 Package : chromium Type : arbitrary code execution Remote : Yes Link : securityarchlinuxorg/AVG-231 Summary ======= ...

Github Repositories

A collection of JavaScript engine CVEs with PoCs

Case Study of JavaScript Engine Vulnerabilities V8 CVE Number Feature Keywords Credit CVE-2013-6632 TypedArray Integer Overflow, OOB Pinkie Pie CVE-2014-1705 TypedArray Invalid Array Length, OOB geohot CVE-2014-3176 Arrayconcat Side Effect, OOB lokihardt CVE-2014-7927 Optimization asmjs, OOB Christian Holler CVE-2014-7928 Optimization Array Christian Holler C

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :