CVE-2016-1669
published 2016-05-14CVE-2016-1669: The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | xcode | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | nodejs | < nodejs 4.4.6~dfsg-1 (bookworm) | nodejs 4.4.6~dfsg-1 (bookworm) |
| chrome | <= 50.0.2661.87 | — | |
| v8 | <= 5.0.71 | — | |
| nodejs | node.js | >= 0.10.0 < 0.10.46 | 0.10.46 |
| nodejs | node.js | >= 0.12.0 < 0.12.15 | 0.12.15 |
| nodejs | node.js | 4.0.0 – 4.1.2 | — |
| nodejs | node.js | >= 4.2.0 < 4.4.6 | 4.4.6 |
| nodejs | node.js | >= 5.0.0 < 5.12.0 | 5.12.0 |
| nodejs | node.js | 6.0.0 – 6.2.0 | — |
| nodejs | nodejs | >= 0 < 4.4.6~dfsg-1 | 4.4.6~dfsg-1 |
| nodejs | nodejs | >= 0 < 4.4.6~dfsg-1 | 4.4.6~dfsg-1 |
| nodejs | nodejs | >= 0 < 4.4.6~dfsg-1 | 4.4.6~dfsg-1 |
| nodejs | nodejs | >= 0 < 4.4.6~dfsg-1 | 4.4.6~dfsg-1 |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH