CVE-2016-5172

Sažetak

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.

Reference

https://crbug.com/616386
http://www.debian.org/security/2016/dsa-3667
http://www.securitytracker.com/id/1036826
http://www.securityfocus.com/bid/92942
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html
https://codereview.chromium.org/2077283004
https://security.gentoo.org/glsa/201610-09
http://rhn.redhat.com/errata/RHSA-2016-1905.html

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 02:33

Objavljeno

25-09-2016 - 20:59