Search criteria
254 vulnerabilities found for enterprise_linux_desktop_supplementary by redhat
FKIE_CVE-2016-1666
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| opensuse | opensuse | 13.1 | |
| chrome | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a 50.0.2661.94 permiten a atacantes provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2016-1666",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:06.397",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/607652"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/607652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1665
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| chrome | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code."
},
{
"lang": "es",
"value": "La clase JSGenericLowering en compiler/js-generic-lowering.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente los operadores de comparaci\u00f3n, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de c\u00f3digo JavaScript manipulado."
}
],
"id": "CVE-2016-1665",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:05.367",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1925463003"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/606181"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1925463003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/606181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1664
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| opensuse | opensuse | 13.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site."
},
{
"lang": "es",
"value": "La funci\u00f3n HistoryController::UpdateForCommit en content/renderer/history_controller.cc en Google Chrome en versiones anteriores a 50.0.2661.94 no maneja correctamente la interacci\u00f3n entre las navegaciones hacia delante del submarco y otras navegaciones hacia delante, lo que permite a atacantes remotos lo que permite a atacantes remotos suplantar la barra de direcci\u00f3n a trav\u00e9s de un sitio web manipulado."
}
],
"id": "CVE-2016-1664",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:04.100",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1848813005/"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/597322"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1848813005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/597322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1663
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| chrome | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site."
},
{
"lang": "es",
"value": "La funci\u00f3n SerializedScriptValue::transferArrayBuffers en WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp en los enlaces V8 en Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente determinadas estructuras de datos array-buffer, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de un sitio web manipulado."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1663",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:03.087",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1904913002/"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/603987"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1904913002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/603987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1662
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| opensuse | opensuse | 13.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
},
{
"lang": "es",
"value": "extensions/renderer/gc_callback.cc en Google Chrome en versiones anteriores a 50.0.2661.94 no previene la ejecuci\u00f3n de retorno una vez que la llamada de retorno Garbage Collection ha comenzado, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores desconocidos."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1662",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:02.210",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1887423002"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/603732"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1887423002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/603732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1661
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| chrome | * | ||
| opensuse | opensuse | 13.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp."
},
{
"lang": "es",
"value": "Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no asegura que los marcos satisfagan una comprobaci\u00f3n para el mismo proceso de renderizaci\u00f3n en adici\u00f3n a una comprobaci\u00f3n de la Same Origin Policy, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de sitio web manipulado, relacionado con BindingSecurity.cpp y DOMWindow.cpp."
}
],
"id": "CVE-2016-1661",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:01.240",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1887553002/"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/601629"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1887553002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/601629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-1660
Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| chrome | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
"versionEndIncluding": "50.0.2661.87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site."
},
{
"lang": "es",
"value": "Blink, tal como se utiliza en Google Chrome en versiones anteriores a 50.0.2661.94, no maneja correctamente las aserciones en las clases WTF::BitArray y WTF::double_conversion::Vector, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (escritura fuera de l\u00edmites) o posiblemente tener otro impacto no especificado a trav\u00e9s de un sitio web manipulado."
}
],
"id": "CVE-2016-1660",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-14T21:59:00.163",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1672603002"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1677363002"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/574802"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1672603002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1677363002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/574802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-8540
Vulnerability from fkie_nvd - Published: 2016-04-14 14:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2EDDE6-49F2-41D3-BCB2-F49886A2A170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB3FB071-FCCC-4425-AFBF-77287C1B8F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C036011A-9AE1-423C-8B73-188B9BA20FEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "663C6EE5-5B5E-4C0F-9E7F-D0E1DA9AF9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8051459E-94D3-4D4A-9D40-CC9475DDB00C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "42056C63-69A7-43CF-828C-0C3E365702D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B6A39A3-7F86-4DC3-B248-859630AFB9A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "58377AE3-1C13-4C3F-BC55-8336DAEEF97F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "005C2DA4-D00E-4206-851E-9226D66B5F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "97B17602-0D97-469B-A9B1-30AAC8F758F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "857B664A-C6F9-45E3-93EA-C0F53CEF5C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFDA458-74E8-4DEF-B524-A4A8672CB66A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3E3BF3-4376-4692-A515-A7B6593F28F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "AB6AF9D5-CE60-4FC9-91AB-E243F0D429E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "3B1AC712-110D-458F-B650-930C6D45CA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "7F848FA5-9682-454F-A9DE-671C4401F15F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B83678-98A1-440E-950C-4A27995C7294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9EEE31-479A-4370-BF00-C26C1AF502B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "95EABD7D-1F18-4FA5-BAA9-F8D69129E531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "65B836CA-3740-48B0-966B-21E65EF3D636",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3988FA1B-18D9-46AA-87BA-A6B01D4F4B25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "51A46409-7AC6-45DB-B92D-29988C445BC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "09E2B608-6C70-446F-A3A7-369048D99855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA00AE0-F447-4361-AA37-0C98BDE491E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "21DACE94-FBDC-4A3D-8DD6-E62D18F5EE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "220A02AF-6ADA-4B75-BC81-40B2D847029A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "ECEB8F61-195E-41DE-90CE-22854055E9D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "D0F72B91-1F7F-41EB-ABC8-1B50AFEC70EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "111091B9-CBAE-4FC7-8B97-7D2345BFCB45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "54C6D9D3-50B2-4A63-B3D1-C76C70F4443E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "4110AA74-C69D-45BC-A630-9EE3A2036BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "F2DEFD05-10EE-4242-B885-FD1B0DF6CAA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "1CAA1090-C1C7-43A2-BD44-065572D226B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "2FD92305-91BF-4984-A029-8FA83CBF1A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*",
"matchCriteriaId": "F9F9A6DB-19BF-4798-879E-9BD4AD5EFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*",
"matchCriteriaId": "31EE280F-D76D-478B-ADD6-D5F2C7574A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*",
"matchCriteriaId": "747314F7-A515-41FF-8095-62A9F05F0DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.35:*:*:*:*:*:*:*",
"matchCriteriaId": "C1BE9ED0-685B-41F0-A984-D33E7034AEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.36:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F6AD99-7697-47E5-8301-723C16535C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.37:*:*:*:*:*:*:*",
"matchCriteriaId": "07B00AD3-D13C-45B5-A13A-9092D40F4A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.38:*:*:*:*:*:*:*",
"matchCriteriaId": "14222EA8-E8ED-4818-ACB4-C6A13643F210",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.39:*:*:*:*:*:*:*",
"matchCriteriaId": "A22C28DD-5C99-4722-9093-A1E82A2C2808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.40:*:*:*:*:*:*:*",
"matchCriteriaId": "93714B71-6331-4F5A-A12A-B4B80CA2FEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.41:*:*:*:*:*:*:*",
"matchCriteriaId": "10CD562E-1F06-4779-A29C-4069E3C86B16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.42:*:*:*:*:*:*:*",
"matchCriteriaId": "4D83D507-64AF-4158-97B9-1353E2F8EE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.43:*:*:*:*:*:*:*",
"matchCriteriaId": "BC5E39EA-C32E-4E87-9A3F-CCB5144F0E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.43:devel:*:*:*:*:*:*",
"matchCriteriaId": "61B9103F-CD72-4F06-BED1-7AE4AB9E672C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.44:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF6249D-5AA8-4EA3-A92A-0E492FE5B811",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.45:*:*:*:*:*:*:*",
"matchCriteriaId": "CDE7F259-40A2-4866-8EF8-44A9913EC4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.45:devel:*:*:*:*:*:*",
"matchCriteriaId": "CFA3EED5-F0AB-4C5C-92D7-B84BFDAA31AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.46:*:*:*:*:*:*:*",
"matchCriteriaId": "03C20A42-6A77-43D4-80D7-332BB2DF1B66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.46:devel:*:*:*:*:*:*",
"matchCriteriaId": "8A0A1B56-0E92-4E81-9B2C-4F9B9D5833EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.47:*:*:*:*:*:*:*",
"matchCriteriaId": "D4CC5DBB-249B-4EED-9F54-E23CB1919ED0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.47:beta:*:*:*:*:*:*",
"matchCriteriaId": "C10D9119-0FF8-4DFE-8632-A14D9C83CC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.48:*:*:*:*:*:*:*",
"matchCriteriaId": "088A1BDB-BB1A-46B5-898B-23311DE27CE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.48:betas:*:*:*:*:*:*",
"matchCriteriaId": "C24CA735-6EA6-41E3-A82D-D443BB47806B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.49:*:*:*:*:*:*:*",
"matchCriteriaId": "6CBAA828-F42A-420F-B17E-6FACF6CD483D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "D20664A4-4816-4F57-82BB-F4116FA33A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.51:*:*:*:*:*:*:*",
"matchCriteriaId": "64226521-0723-4259-B214-0D2A35CF5FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.52:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABEEBFE-A8C8-40D4-97D8-F06676E67478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47831D80-33AC-4A13-B92D-3D2CBF215955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.54:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED428C8-E6AB-4BB1-BE7D-543B2A19410F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.2.55:*:*:*:*:*:*:*",
"matchCriteriaId": "00EFBF77-B771-4A52-B4FF-6346F4B69968",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9D7121-F80E-4F17-A55B-4E404B87B823",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D6B3DAF-DF99-48B2-8E7C-BE8E043D4C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "29050958-EFD8-4A79-9022-EF72AAD4EDB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CB33B1-71B2-4235-A2C1-FCAEA9844A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "436F8C71-1780-4DC6-937B-8F1F51C7453D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF2C6F3-BFE7-4234-9975-DE7FCDA26A46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5B79DC5F-5062-4031-BA11-746EE3C8E1CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD6DE25-8B2F-4DB9-9969-8AAC23BC0AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35F2B503-1516-465D-A558-9932BDB3457D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BA94EAAA-A4D2-4E36-BC69-BBE9644FE970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F3A7C96C-8FBB-42B4-937E-3321C939CC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "94084356-D39B-41B2-AC24-0ADAD0BF5988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "086C6335-7872-46A7-AEB1-9BE5AE5A788C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FF8233B1-04A0-4E25-97EE-CF466B48A12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FA714E7E-05EF-4598-9324-887BC66C675E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CF3B73-D3B9-4D76-B411-C837BCE0806E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "D1752D91-3468-4E22-B60F-6789B3CBD7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F433AA7E-A780-4D45-AD1A-5A4CE1F3FCD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "93E210A7-489B-4EA7-A840-599523157DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "B37565FA-72F5-4063-8D7A-97BC269F020B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8FA821-818E-4BC7-834B-94EB5C042390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FBF3D3-95A6-4869-8A69-F0E5ECA40220",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D07785D0-E995-4208-AB8C-43B320D291F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "152DDD6E-CF56-4E1C-BE4D-C7BC0FD9B08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "19BBA666-4473-4C6D-BF48-34EF3F09AD7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B7DDF6CC-7997-47E7-96D3-8DC10F1D17F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "A1926DD0-0A9B-4F9D-BB4F-AC7AB0B3F0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "2763A6C7-DBBA-4E2A-917C-B6FF524B9891",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DECDF8-7742-4D58-99FA-100A01748B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4FD3B1-3A68-4122-AA50-31BFC6C50408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "45790331-CE26-457F-8649-F027703E73EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0BFE2D-5C7B-42E0-B783-8C5907CA8635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD993C1-70B6-4ACB-B958-94E7EF973A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "C085686C-A0AA-4F56-9E7D-B5CB24B890D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*",
"matchCriteriaId": "D02A5197-06B9-469E-9817-45BB23324042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB6BE37-E564-4E42-BE39-36DD301C37A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "314209F2-E0A0-4045-8108-8E7215312442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*",
"matchCriteriaId": "11A8ECBB-7E50-4447-88E2-893C1466C251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8F24A5-F5C3-495F-9AF0-2EE836E0147A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*",
"matchCriteriaId": "46DE2DE3-F081-4B80-A4DA-C5AB27B3CA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "71EF1D77-7838-47DF-B6A2-DBBAC0058FED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*",
"matchCriteriaId": "76BA4FEA-FEB4-47A9-9DFF-A233CEE03D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB5A63-E89E-48AB-A846-107EBEC71D67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.44:*:*:*:*:*:*:*",
"matchCriteriaId": "2181FEEB-D07E-490C-9953-3490D87B63A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "36DC41DD-A291-4ECE-84B9-574828AA2A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.46:*:*:*:*:*:*:*",
"matchCriteriaId": "015D1E36-17A1-4413-B1FB-5DF4C36712BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "F64CE8F2-22B1-43F8-8934-CBCD2EFBA85D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.48:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB15BE8-1B88-4117-AF14-3AA2B54DB323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A2CB2728-4CC7-46EA-809B-450A9BB9F884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.51:*:*:*:*:*:*:*",
"matchCriteriaId": "96638963-D264-49AD-9B77-497C3DA23DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.52:*:*:*:*:*:*:*",
"matchCriteriaId": "88544BBE-29A1-4622-B3E6-FA4B891A9B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "DD658D98-9A4D-4DC2-A935-BB3BF0E0FB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "FFF819AF-AC11-4BD9-A070-572836A65FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.55:*:*:*:*:*:*:*",
"matchCriteriaId": "2EEAC62D-BF2B-40DF-9428-FFBF7CA09471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.55:rc01:*:*:*:*:*:*",
"matchCriteriaId": "27DFAB04-5C5C-4366-B3FC-C83AAB807F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.56:*:*:*:*:*:*:*",
"matchCriteriaId": "36327723-F953-4BD3-A525-930DDCF7931D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.56:devel:*:*:*:*:*:*",
"matchCriteriaId": "36F717B1-CC02-4878-9A78-1584074E81C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.57:*:*:*:*:*:*:*",
"matchCriteriaId": "7D482811-2EF1-47AE-A41C-7532AC6DEF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.57:rc01:*:*:*:*:*:*",
"matchCriteriaId": "FF26AB67-81F8-4CD2-8E28-BDF9FE2CD58F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.58:*:*:*:*:*:*:*",
"matchCriteriaId": "2D0EE98D-0596-4147-9EC4-F3616BF2B901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.59:*:*:*:*:*:*:*",
"matchCriteriaId": "62F15027-0E80-48B7-9ECD-9E7228F0E81B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.60:*:*:*:*:*:*:*",
"matchCriteriaId": "99904D7E-0046-4481-99B6-01710D4FC848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.61:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB33B4E-E69A-4002-816C-24CCD49682F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "42A4FAF1-4B81-47C4-BFB7-6052524A2DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "686A50C3-93E1-4C3F-8089-322BE26E6317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.64:*:*:*:*:*:*:*",
"matchCriteriaId": "BBD67FEF-E6D3-449B-B2E9-14A69AD8E923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.0.65:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8B4549-007C-4572-86D9-F51A7B3FC586",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52D5DAA1-3632-48D7-A657-4A4C83A119D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5AE8E0-3C11-4EE1-A599-4D70C6A13F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD36C3B-3C02-488B-B480-EA091D702CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "59BAD272-D4B6-40CE-B5E9-63145E12B638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEB311C-766D-4070-A0BE-9CE4593C8F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C185BF59-68E4-49F8-802F-C06FE840FF3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C399B31-B8EC-41C4-B6AB-83BABC474374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B00AF5F-D4F5-490C-8BF4-2B33EFBF15A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9AEB1D-0AA7-4842-9CF9-91BFD8B58A4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "09150152-5DEA-4FA2-9163-63EAF4D83DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "45E5068A-42BE-478B-8C00-FE23B7837DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "023CCFB0-7995-408E-928A-76C5BD9B4924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "493F615D-DB81-48B3-9E74-C32544A01372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D2F12925-44F7-4790-8A06-345EB3DCCB71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7F5BF226-D62F-4F54-B771-EB108FD256FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.15:*:*:*:*:*:*:*",
"matchCriteriaId": "D2EDBFCB-96DA-4A36-873A-3164975BE997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.16:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDB15BE-BDD2-4210-B224-A520E8DC7D89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "70D3AD38-CCE7-47E6-8225-C0BFC3F10E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "4D176C8F-C91F-47C8-AEC8-377324944421",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF125DE-6BD1-4640-9710-6EE69CD8A871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "DE45B563-07B8-4F4E-80B4-C73216DF7295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "0303A619-21BE-49DD-8C08-F04DFB31FC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:0.97:*:*:*:*:*:*:*",
"matchCriteriaId": "197C2166-FCB7-467B-ABF1-E30E7DBD8816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:0.98:*:*:*:*:*:*:*",
"matchCriteriaId": "663DD631-661D-48FA-A090-A18536BA284A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:0.99:*:*:*:*:*:*:*",
"matchCriteriaId": "1AEDED41-716C-4D7F-9D18-FF4672F51C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "C8BA2974-AF9F-4382-B443-F54354B5623A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8BC209-45B9-44D6-A26D-0B570ED5BB19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.1:beta:*:*:*:*:*:*",
"matchCriteriaId": "468B1A0E-AF58-42C4-9801-D6F83F283360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6644ED2F-66F3-469D-8233-72FE7321E850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "B36D610D-F86A-4D46-B0F2-884FFA601C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "C8A976DD-87FA-425D-8E07-E3CFC4D3FD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34978D-6ABE-463E-AB48-21CC55B7D157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "3716FF0E-AD20-46F8-B8F6-3EC42D427C90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7A4568BB-F5FF-4BBB-9DA3-E66C2BFA2416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "E5300EC4-B3A0-42C5-8D39-67AB75C47153",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "246CF13F-FDC1-499E-9FC1-5624D54E9E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "D5840A8E-AB64-40A9-8BB6-EB6BA51D40B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC66FD43-421B-4223-BA32-EC47B51E1091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "EEC9D57C-47F2-4773-85B6-FFB0C4681E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F5664B-5AB9-4DE4-99AA-8FD32DBA4A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.8:beta:*:*:*:*:*:*",
"matchCriteriaId": "5CD1C8E6-DF35-47F7-877F-001AD62B57CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C7712376-D776-4814-A041-FBFEAC70ADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.9:beta:*:*:*:*:*:*",
"matchCriteriaId": "DF69B34E-F7FB-4F4C-AF7D-ACD165B1233B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.10:beta:*:*:*:*:*:*",
"matchCriteriaId": "F7CC2E64-E48C-4DE6-892D-06A0B806A51B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "65DEDF02-9239-497C-94DB-DAF80B6B4F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.11:beta:*:*:*:*:*:*",
"matchCriteriaId": "5BE62DB2-664D-4E0A-840F-09D13E41704A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "8CAAECD8-0C16-40CC-BA8A-97DF38BAF668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "84D9B3E6-D32D-4E4B-908A-39FAC3D5F618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.13:beta:*:*:*:*:*:*",
"matchCriteriaId": "561D5D7A-1933-4A6D-940E-8DD035AA31B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2DB1EF-B961-4C56-8519-242419B6AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDE2351-2B17-4C1A-A625-6C7DE691039A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5426F3F0-CF21-45D4-9071-F8F7865A7619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.17:*:*:*:*:*:*:*",
"matchCriteriaId": "25147E8F-7385-4393-BE21-E3347610F003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "19C06F50-7C48-4FD6-B0C9-6C9B643742B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DA562433-F6F5-46C1-98DE-8309BD940260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.20:beta:*:*:*:*:*:*",
"matchCriteriaId": "61FBBD3D-E216-46D3-9D12-6D3732B75E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB9178D-DEEF-4D2C-9347-F553312129C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3157A738-20EB-4BE0-A58B-E21DDA64EDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.23:*:*:*:*:*:*:*",
"matchCriteriaId": "6D70C6B1-2360-48C9-931D-BAED79151DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.24:*:*:*:*:*:*:*",
"matchCriteriaId": "29F79896-3EF0-4F53-8EBC-66D811E2C315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libpng:libpng:1.5.25:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C8AE4F-0473-4B52-8DB4-31022057FD71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libpng:libpng:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41D423E1-A542-4E8C-8ABF-B0B0B0C27DD5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "Desbordamiento inferior de entero en la funci\u00f3n png_check_keyword en pngwutil.c en libpng 0.90 hasta la versi\u00f3n 0.99, 1.0.x en versiones anteriores a 1.0.66, 1.1.x y 1.2.x en versiones anteriores a 1.2.56, 1.3.x y 1.4.x en versiones anteriores a 1.4.19 y 1.5.x en versiones anteriores a 1.5.26 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de un car\u00e1cter de espacio como contrase\u00f1a en una imagen PNG, lo que desencadena una lectura fuera de rango."
}
],
"id": "CVE-2015-8540",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-14T14:59:03.287",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"source": "cve@mitre.org",
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/80592"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/80592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201611-08"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-2051
Vulnerability from fkie_nvd - Published: 2016-01-25 11:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7.z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB52550-C3FC-4CDD-AA6E-500BD3304241",
"versionEndIncluding": "47.0.2526.111",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7.z:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD167C9-1AAB-42DC-9D99-6E0810FEA558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Google V8 en versiones anteriores a 4.8.271.17, tal como se utiliza en Google Chrome en versiones anteriores a 48.0.2564.82, permiten a atacantes provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2016-2051",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-25T11:59:09.677",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/81431"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securitytracker.com/id/1034801"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/81431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1034801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2877-1"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-1289
Vulnerability from fkie_nvd - Published: 2015-07-23 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD601FD-6060-4CC5-81DA-BDDE41485613",
"versionEndIncluding": "43.0.2357.134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Google Chrome en versiones anteriores a la 44.0.2403.89, permite a atacantes causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2015-1289",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-23T00:59:18.210",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=512110"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/398235"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/401995"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/404462"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/458024"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/459898"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/460938"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/471990"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/477713"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/478575"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/484432"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/485855"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/486004"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/487286"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/491216"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/492448"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/492981"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/495682"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/504692"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/506749"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://crbug.com/507821"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=512110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/398235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/401995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/404462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/458024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/459898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/460938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/471990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/477713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/478575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/484432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/485855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/486004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/487286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/491216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/492448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/492981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/495682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/504692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/506749"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://crbug.com/507821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-09"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-1288
Vulnerability from fkie_nvd - Published: 2015-07-23 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| debian | debian_linux | 8.0 | |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD601FD-6060-4CC5-81DA-BDDE41485613",
"versionEndIncluding": "43.0.2357.134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorrect spelling suggestions or possibly have unspecified other impact via a crafted file, a related issue to CVE-2015-1263."
},
{
"lang": "es",
"value": "Vulnerabilidad en la implementaci\u00f3n de Spellcheck API en Google Chrome en versiones anteriores a la 44.0.2403.89, no usa una sesi\u00f3n HTTPS para la descarga de un diccionario Hunspell, lo cual permite realizar ataques de man-in-the-middle empleados para ofrecer sugerencias de ortograf\u00eda incorrectas o posiblemente tener otro impacto no especificado a trav\u00e9s de archivos manipulados, un tema relacionado con CVE-2015-1263."
}
],
"id": "CVE-2015-1288",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-23T00:59:17.350",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=479162"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1056103005"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=479162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1056103005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-09"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-1287
Vulnerability from fkie_nvd - Published: 2015-07-23 00:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| chrome | * | ||
| redhat | enterprise_linux_desktop_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary | 6.0 | |
| redhat | enterprise_linux_server_supplementary_eus | 6.7z | |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD601FD-6060-4CC5-81DA-BDDE41485613",
"versionEndIncluding": "43.0.2357.134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C6E104-EDBC-481E-85B8-D39ED2058D39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B74C62D-4A6D-4A4F-ADF6-A508322CD447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*",
"matchCriteriaId": "FE561C57-71DE-434A-85BC-1FAAFDCC7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E89B38A-3697-46DD-BB3F-E8D2373588BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 44.0.2403.89, enables a quirks-mode exception that limits the cases in which a Cascading Style Sheets (CSS) document is required to have the text/css content type, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to core/fetch/CSSStyleSheetResource.cpp."
},
{
"lang": "es",
"value": "Vulnerabilidad en Blink implementado en Google Chrome en versiones anteriores a la 44.0.2403.89, habilita una excepci\u00f3n en el quirks-mode que limita los casos en los que un documento Cascading Style Sheets (CSS) es requerido para obtener el tipo de contenido text/css, lo cual permite a atacantes remotos eludir la pol\u00edtica del mismo origen a trav\u00e9s de un sitio web manipulado, relacionado con core/fetch/CSSStyleSheetResource.cpp."
}
],
"id": "CVE-2015-1287",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-07-23T00:59:16.443",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=419383"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://src.chromium.org/viewvc/blink?revision=195266\u0026view=revision"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=419383"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://src.chromium.org/viewvc/blink?revision=195266\u0026view=revision"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-17"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-1660 (GCVE-0-2016-1660)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1672603002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1672603002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/574802",
"refsource": "CONFIRM",
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1677363002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"name": "https://codereview.chromium.org/1672603002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1672603002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1660",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1662 (GCVE-0-2016-1662)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://codereview.chromium.org/1887423002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "https://crbug.com/603732",
"refsource": "CONFIRM",
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1662",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1664 (GCVE-0-2016-1664)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/597322",
"refsource": "CONFIRM",
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "https://codereview.chromium.org/1848813005/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1664",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1665 (GCVE-0-2016-1665)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/606181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/606181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/606181",
"refsource": "CONFIRM",
"url": "https://crbug.com/606181"
},
{
"name": "https://codereview.chromium.org/1925463003",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1665",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1661 (GCVE-0-2016-1661)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1887553002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "https://crbug.com/601629",
"refsource": "CONFIRM",
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1661",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1666 (GCVE-0-2016-1666)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"name": "https://crbug.com/607652",
"refsource": "CONFIRM",
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1666",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1663 (GCVE-0-2016-1663)
Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://crbug.com/603987",
"refsource": "CONFIRM",
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1904913002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1663",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8540 (GCVE-0-2015-8540)
Vulnerability from cvelistv5 – Published: 2016-04-14 14:00 – Updated: 2024-08-06 08:20
VLAI?
Summary
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:42.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:06:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"name": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"name": "http://sourceforge.net/p/libpng/bugs/244/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8540",
"datePublished": "2016-04-14T14:00:00",
"dateReserved": "2015-12-10T00:00:00",
"dateUpdated": "2024-08-06T08:20:42.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2051 (GCVE-0-2016-2051)
Vulnerability from cvelistv5 – Published: 2016-01-25 11:00 – Updated: 2024-08-05 23:17
VLAI?
Summary
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:0072",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/81431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "RHSA-2016:0072",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/81431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-2051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:0072",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-2051",
"datePublished": "2016-01-25T11:00:00",
"dateReserved": "2016-01-24T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1660 (GCVE-0-2016-1660)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1672603002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1672603002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1660",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/574802",
"refsource": "CONFIRM",
"url": "https://crbug.com/574802"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1677363002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1677363002"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
},
{
"name": "https://codereview.chromium.org/1672603002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1672603002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1660",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1662 (GCVE-0-2016-1662)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "extensions/renderer/gc_callback.cc in Google Chrome before 50.0.2661.94 does not prevent fallback execution once the Garbage Collection callback has started, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://codereview.chromium.org/1887423002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1887423002"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "https://crbug.com/603732",
"refsource": "CONFIRM",
"url": "https://crbug.com/603732"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1662",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1664 (GCVE-0-2016-1664)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/597322",
"refsource": "CONFIRM",
"url": "https://crbug.com/597322"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "https://codereview.chromium.org/1848813005/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1848813005/"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1664",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1665 (GCVE-0-2016-1665)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/606181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/606181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "https://crbug.com/606181",
"refsource": "CONFIRM",
"url": "https://crbug.com/606181"
},
{
"name": "https://codereview.chromium.org/1925463003",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1925463003"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1665",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1661 (GCVE-0-2016-1661)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1887553002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1887553002/"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "https://crbug.com/601629",
"refsource": "CONFIRM",
"url": "https://crbug.com/601629"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1661",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1666 (GCVE-0-2016-1666)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google Chrome before 50.0.2661.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=601001"
},
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491",
"refsource": "CONFIRM",
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=605491"
},
{
"name": "https://crbug.com/607652",
"refsource": "CONFIRM",
"url": "https://crbug.com/607652"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1666",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1663 (GCVE-0-2016-1663)
Vulnerability from nvd – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02
VLAI?
Summary
The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:02:12.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-26T09:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201605-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SerializedScriptValue::transferArrayBuffers function in WebKit/Source/bindings/core/v8/SerializedScriptValue.cpp in the V8 bindings in Blink, as used in Google Chrome before 50.0.2661.94, mishandles certain array-buffer data structures, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://crbug.com/603987",
"refsource": "CONFIRM",
"url": "https://crbug.com/603987"
},
{
"name": "openSUSE-SU-2016:1208",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html"
},
{
"name": "DSA-3564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3564"
},
{
"name": "openSUSE-SU-2016:1655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
},
{
"name": "openSUSE-SU-2016:1209",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html"
},
{
"name": "USN-2960-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2960-1"
},
{
"name": "https://codereview.chromium.org/1904913002/",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1904913002/"
},
{
"name": "89106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/89106"
},
{
"name": "openSUSE-SU-2016:1207",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html"
},
{
"name": "RHSA-2016:0707",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-1663",
"datePublished": "2016-05-14T21:00:00",
"dateReserved": "2016-01-12T00:00:00",
"dateUpdated": "2024-08-05T23:02:12.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8540 (GCVE-0-2015-8540)
Vulnerability from nvd – Published: 2016-04-14 14:00 – Updated: 2024-08-06 08:20
VLAI?
Summary
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:20:42.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:06:22",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng10/1.0.66/"
},
{
"name": "GLSA-201611-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-08"
},
{
"name": "[oss-security] 20151211 Re: Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/2"
},
{
"name": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/libpng/code/ci/d9006f683c641793252d92254a75ae9b815b42ed/"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng15/1.5.26/"
},
{
"name": "RHSA-2016:1430",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1430"
},
{
"name": "[oss-security] 20151210 CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/6"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng14/1.4.19/"
},
{
"name": "[oss-security] 20151211 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/11/1"
},
{
"name": "[oss-security] 20151210 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/10/7"
},
{
"name": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libpng/files/libpng12/1.2.56/"
},
{
"name": "DSA-3443",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3443"
},
{
"name": "http://sourceforge.net/p/libpng/bugs/244/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/libpng/bugs/244/"
},
{
"name": "80592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/80592"
},
{
"name": "[oss-security] 20151217 Re: CVE request - read underflow in libpng 1.2.55, 1.0.65, 1.4.18, and 1.5.25 (pngwutil.c)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/17/10"
},
{
"name": "FEDORA-2015-3868cfa17b",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174435.html"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8540",
"datePublished": "2016-04-14T14:00:00",
"dateReserved": "2015-12-10T00:00:00",
"dateUpdated": "2024-08-06T08:20:42.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2051 (GCVE-0-2016-2051)
Vulnerability from nvd – Published: 2016-01-25 11:00 – Updated: 2024-08-05 23:17
VLAI?
Summary
Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:0072",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/81431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-05T14:57:01",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "RHSA-2016:0072",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/81431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-2051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:0072",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0072.html"
},
{
"name": "USN-2877-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2877-1"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html"
},
{
"name": "1034801",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034801"
},
{
"name": "81431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2016-2051",
"datePublished": "2016-01-25T11:00:00",
"dateReserved": "2016-01-24T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}