The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.
References
Configurations
History
07 Nov 2023, 02:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.debian.org/security/2016/dsa-3667 - | |
References | () http://www.securityfocus.com/bid/92942 - | |
References | () https://crbug.com/616386 - | |
References | () http://rhn.redhat.com/errata/RHSA-2016-1905.html - | |
References | () https://security.gentoo.org/glsa/201610-09 - | |
References | () https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html - | |
References | () https://codereview.chromium.org/2077283004 - | |
References | () http://www.securitytracker.com/id/1036826 - |
Information
Published : 2016-09-25 20:59
Updated : 2024-02-28 15:21
NVD link : CVE-2016-5172
Mitre link : CVE-2016-5172
CVE.ORG link : CVE-2016-5172
JSON object : View
Products Affected
- chrome
nodejs
- node.js
debian
- debian_linux
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor