Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2020-16040

Published: 08/01/2021 Updated: 21/07/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 385
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Chrome

Vulnerability Summary

Insufficient data validation in V8 in Google Chrome before 87.0.4280.88 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

Vendor Advisories

Debian Security Advisories: DSA-4824-1 chromium -- security update
Multiple security issues were discovered in the Chromium web browser, which could result in the execution of arbitrary code, denial of service or information disclosure For the stable distribution (buster), these problems have been fixed in version 870428088-04~deb10u1 We recommend that you upgrade your chromium packages For the detailed sec ...
Arch Linux Issues:
An insufficient data validation security issue has been found in the V8 component of the chromium browser before version 870428088 ...
Google Chrome: Stable Channel Update for Desktop
The Stable channel has been updated to 870428088 for Windows, Mac and Linux which will roll out over the coming days/weeksA full list of changes in this build is available in the log Interested in switching release channels?  Find out how here If you find a new issue, please let us know by filing a bug The community help forum is also a ...

Exploits

Exploit DB: Google Chrome 86.0.4240 V8 Remote Code Execution
Insufficient data validation in V8 in Google Chrome versions prior to 870428088 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page ...
Exploit DB: Google Chrome SimplfiedLowering Integer Overflow
This Metasploit module exploits an issue in Google Chrome versions before 870428088 (64 bit) The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan It is used along with a typer hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1 This is abused to gain arbitrary read/write into ...
Exploit DB: Google Chrome 86.0.4240 V8 Remote Code Execution
Insufficient data validation in V8 in Google Chrome versions prior to 870428088 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page ...

Github Repositories

https://github.com/singularseclab/Browser_Exploits

A collection of browser exploitation codes from Singular Security Lab.

Browser Exploits A collection of browser exploitation codes from Singular Security Lab CVE-2022-1310 Target: V8 Version: 8311013 Arch: X86-64 Credit: Brendon Tiszka(Bug collision) Webkit Bug 216378 Target: JavaScriptCore Version: Safari-6092912 Arch: X86-64 Credit: Unknown(Bug collision) CVE-2020-16040 & CVE-2020-16041 Target: Samsung Browser Fu

https://github.com/anvbis/trivialize

A tool for javascript engine proof-of-concept simplification.

Trivialize A tool for javascript engine proof-of-concept simplification Built on top of the REPRL code

https://github.com/yuvaly0/exploits

some N-days I've decided to exploit cve-2016-5195 (dirty cow) cve-2019-13768 (chrome - mojo uaf) - currently only working poc cve-2020-16040 (v8 - turbofan) cve-2021-30632 (v8 - turbofan - GPA bug)

https://github.com/yuvaly0/N-day-cve-s

some N-days I've decided to exploit cve-2016-5195 (dirty cow) cve-2019-13768 (chrome - mojo uaf) - currently only working poc cve-2020-16040 (v8 - turbofan) cve-2021-30632 (v8 - turbofan - GPA bug)

https://github.com/ret2eax/ret2eax

Config files for my GitHub profile.

    Introduction πŸ‘‹ Hi, I’m @ret2eax πŸ‘€ Feel free to snoop around πŸ’‘ I’m interested in reverse engineering, vulnerability research & exploit development πŸ“Œ Currently focused on developing skillset in browser exploitation Website(s) HOMECREW (Personal Website) INGENIUM LABS (Commercial Services) Research, Publications &am

https://github.com/r4j0x00/exploits

exploits CVE-2021-22600: Linux kernel LPE exploit CVE-2021-3156: Linux local privilege escalation through heap overflow in sudo (Demo) CVE-2021-3156: One shot exploit for heap overflow vulnerability in sudo CVE-2020-6507: Out of bounds write in V8 Chrome versions <= 830410397 (RCE) CVE-2020-16040: Chrome exploit versions <= 870428088

https://github.com/oneoy/exploits1

exploits CVE-2021-3156: Linux local privilege escalation through heap overflow in sudo (Demo) CVE-2021-3156 One shot exploit CVE-2020-6507: Out of bounds write in V8 Chrome versions <= 830410397 (RCE) CVE-2020-16040: Chrome exploit versions <= 870428088

References

CWE-20CWE-787CWE-190https://chromereleases.googleblog.com/2020/12/stable-channel-update-for-desktop.htmlhttps://crbug.com/1150649http://packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162144/Google-Chrome-SimplfiedLowering-Integer-Overflow.htmlhttps://nvd.nist.govhttps://www.debian.org/security/2021/dsa-4824https://github.com/singularseclab/Browser_Exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook