Published: 27/10/2017 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Type confusion in V8 in Google Chrome before 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0

Synopsis Important: chromium-browser security update Type/Severity Security Advisory: Important Topic An update for chromium-browser is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability S ...

A type confusion flaw has been found in the V8 component of the Chromium browser ...

V8_November_2017 Some V8 vuls which they were fixed in about November 2017 CVE-2017-5070 bugschromiumorg/p/chromium/issues/detail?id=722756 Chrome version: 5803029110 Channel: stable This problem belongs to the crankshaft,in the latest V8 version(16th May 2017)(use crankshaft to JIT),I can reproduce this issueAt this version,the chrome use crankshaft to JIT CVE-

CWE-843 http://www.securityfocus.com/bid/98861 https://crbug.com/722756 https://access.redhat.com/errata/RHSA-2017:1399 http://www.securitytracker.com/id/1038622 https://security.gentoo.org/glsa/201706-20 https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html https://access.redhat.com/errata/RHSA-2017:1399 https://nvd.nist.gov https://security.archlinux.org/CVE-2017-5070

CVE-2017-5070

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect