Home > Vulnerability Database > CVE-2016-1669

Mend.io Vulnerability Database

CVE-2016-1669

Date: May 14, 2016

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Severity Score

8.8

Related Resources (26)

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/

Url: https://access.redhat.com/errata/RHSA-2018:0336

Url: http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html

Url: http://www.securityfocus.com/bid/90584

Url: http://rhn.redhat.com/errata/RHSA-2017-0002.html

Url: https://security.gentoo.org/glsa/201605-02

Url: http://rhn.redhat.com/errata/RHSA-2016-1080.html

Url: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2016-1669

Url: http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html

Url: http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html

Url: https://codereview.chromium.org/1945313002

Url: https://crbug.com/606115

Url: https://access.redhat.com/errata/RHSA-2017:0881

Url: https://access.redhat.com/errata/RHSA-2017:0880

Url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/

Url: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

Url: https://access.redhat.com/errata/RHSA-2017:0882

Url: http://www.securitytracker.com/id/1035872

Url: https://security-tracker.debian.org/tracker/CVE-2016-1669

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2016-1669

Url: http://www.debian.org/security/2016/dsa-3590

Url: http://www.ubuntu.com/usn/USN-2960-1

Url: https://access.redhat.com/errata/RHSA-2017:0879

Url: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html

Url: https://www.mend.io/vulnerability-database/CVE-2016-1669

Severity Score

8.8

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2016-1669

Date: May 14, 2016

Severity Score

Related Resources (26)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?