CVE-2016-1646
published 2016-03-29
Priority P278 · high · 8.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
KEV · ITW
CISA Known Exploited Vulnerability, due 2022-06-22
Exploited in the wild
EPSS 48.11% (98.7th percentile)
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| google | chrome | < 49.0.2623.108 | 49.0.2623.108 |
| opensuse | leap | — | — |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
Detection & IOCs
- Vulnerability exists in the Array.prototype.concat implementation in builtins.cc in Google V8; crafted JavaScript code triggering out-of-bounds read is the attack vector
- Attack is delivered via crafted JavaScript and can affect multiple Chromium-based browsers including Google Chrome, Microsoft Edge, and Opera; monitor for exploitation attempts through browser-based JavaScript execution
- Vulnerable versions are Google Chrome before 49.0.2623.108; ensure patched version is 49.0.2623.108 or later
- Red Hat Enterprise Linux 6 Supplementary users should apply RHSA-2016:0525 to remediate the affected chromium-browser package
CVSS provenance
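| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.3 | CRITICAL | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| osv | | 9.8 | CRITICAL | |
| vulncheck | | 8.8 | HIGH | |
| cisa | | 8.8 | HIGH | |
| vendor_ubuntu | | 9.8 | CRITICAL | |
| vendor_redhat | | 8.8 | HIGH | |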
VulDB
Google Chrome up to 49 v8 Engine memory corruption (Nessus ID 91176 / ID 196454)
vuldb·2026-04-23·CVSS 8.8
CVE-2016-1646 [HIGH] Google Chrome up to 49 v8 Engine memory corruption (Nessus ID 91176 / ID 196454)
A vulnerability was found in Google Chrome up to 49. It has been classified as critical. This impacts an unknown function of the component v8 Engine. This manipulation causes memory corruption.
This vulnerability is handled as CVE-2016-1646. The attack can be initiated remotely. Additionally, an exploit exists.
Upgrading the affected component is recommended.
GHSA
GHSA-93cg-vfx4-pxr4: The Array
ghsa_unreviewed·2022-05-14
CVE-2016-1646 [HIGH] CWE-119 GHSA-93cg-vfx4-pxr4: The Array
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
OSV
oxide-qt vulnerabilities
osv·2016-04-27·CVSS 9.8
CVE-2016-1578 [CRITICAL] oxide-qt vulnerabilities
oxide-qt vulnerabilities
A use-after-free was discovered when responding synchronously to
permission requests. An attacker could potentially exploit this to cause
a denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking the program. (CVE-2016-1578)
An out-of-bounds read was discovered in V8. If a user were tricked into
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2016-1646)
A use-after-free was discovered in the navigation implementation in
Chromium in some circumstances. If a user were tricked into opening a
specially crafted website, an attacker could potentially exploit this to
cause a denial of service via application crash, or execute arbit
OSV
CVE-2016-1646: The Array
osv·2016-03-29·CVSS 8.8
CVE-2016-1646 [HIGH] CVE-2016-1646: The Array
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
VulnCheck
Google Chromium V8 Out-of-Bounds Read Vulnerability
vulncheck·2016·CVSS 8.8
CVE-2016-1646 [HIGH] CWE-119 Google Chromium V8 Out-of-Bounds Read Vulnerability
Google Chromium V8 Out-of-Bounds Read Vulnerability
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Affected: Google Chromium V8
Required Action: Apply updates per vendor instructions.
Exploitation References: https://citizenlab.ca/2019/09/poison-carp-tibetan-groups-targeted-with-1-click-mobile-exploits/; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json; https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html
Remediation Due: 2022-06-22
CISA
Google Chromium V8 Out-of-Bounds Read Vulnerability
cisa·2022-06-08·CVSS 8.8
CVE-2016-1646 [HIGH] CWE-119 Google Chromium V8 Out-of-Bounds Read Vulnerability
Vulnerability: Google Chromium V8 Out-of-Bounds Read Vulnerability
Affected: Google Chromium V8
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-1646
Remediation Due Date: 2022-06-22
Ubuntu
Oxide vulnerabilities
vendor_ubuntu·2016-04-27·CVSS 9.8
CVE-2016-1578 [CRITICAL] Oxide vulnerabilities
Title: Oxide vulnerabilities
Summary: Several security issues were fixed in Oxide.
A use-after-free was discovered when responding synchronously to
permission requests. An attacker could potentially exploit this to cause
a denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking the program. (CVE-2016-1578)
An out-of-bounds read was discovered in V8. If a user were tricked into
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2016-1646)
A use-after-free was discovered in the navigation implementation in
Chromium in some circumstances. If a user were tricked into opening a
specially crafted website, an attacker could potentially exploit this to
cause
Red Hat
chromium-browser: out-of-bounds read in V8
vendor_redhat·2016-03-24·CVSS 8.8
CVE-2016-1646 [HIGH] chromium-browser: out-of-bounds read in V8
chromium-browser: out-of-bounds read in V8
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
No detection rules found.
No public exploits indexed.
Trendmicro
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
blogs_trendmicro·2024-12-05
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Cyber Threats
## MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.
By: Joseph C Chen, Daniel Lunghi · Dec 05, 2024
## Summary
Trend Micro researchers investigated a group named Earth Minotaur that used the MOONSHINE exploit kit in the wild. MOONSHINE, which has over 55 servers identified as of 2024, has been updated with more exploits and functions compared to its previous version reported in 2019.
MOONSHINE exploit kit targets vulnerabilities in instant messaging apps on Android devices, primari
Bugzilla
CVE-2016-1646 chromium-browser: out-of-bounds read in V8
bugzilla·2016-03-29·CVSS 8.8
CVE-2016-1646 [HIGH] CVE-2016-1646 chromium-browser: out-of-bounds read in V8
CVE-2016-1646 chromium-browser: out-of-bounds read in V8
An out-of-bounds read flaw was found in the V8 component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=594574
External References:
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:0525 https://rhn.redhat.com/errata/RHSA-2016-0525.html
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html
- http://rhn.redhat.com/errata/RHSA-2016-0525.html
- http://www.debian.org/security/2016/dsa-3531
- http://www.securitytracker.com/id/1035423
- http://www.ubuntu.com/usn/USN-2955-1
- https://code.google.com/p/chromium/issues/detail?id=594574
- https://codereview.chromium.org/1804963002/
- https://security.gentoo.org/glsa/201605-02
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-1646
2016-03-29: Published
2022-06-08: Added to CISA KEV
Exploited in the wild