CVE-2016-1663

7 documents7 sources
Severity
8.8HIGH
EPSS
1.4%
top 19.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Google ChromeOpensuse OpensuseRedhat Enterprise Linux Desktop Supplementary+3 more
Timeline
PublishedMay 14
Latest updateMay 14

Description

The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages5 packages

NVDgoogle/chrome50.0.2661.87
Ubuntuchromium-browser< 50.0.2661.102-0ubuntu0.14.04.1.1117+1

Also affects: Enterprise Linux 6.0, 6.7z

🔴Vulnerability Details

3
GHSA
GHSA-2ccj-846w-29c9: The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue2022-05-14
CVEList
CVE-2016-1663: The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue2016-05-14
OSV
CVE-2016-1663: The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue2016-04-29

📋Vendor Advisories

2
Ubuntu
Oxide vulnerabilities2016-05-18
Red Hat
chromium-browser: use-after-free in blink's v8 bindings2016-04-28

💬Community

1
Bugzilla
CVE-2016-1663 chromium-browser: use-after-free in blink's v8 bindings2016-04-29
CVE-2016-1663 (HIGH CVSS 8.8) | The SerializedScriptValue::transfer | cvebase.io