The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.
References
Configurations
History
07 Nov 2023, 02:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/92942 - | |
References | () http://rhn.redhat.com/errata/RHSA-2016-1905.html - | |
References | () https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html - | |
References | () https://crbug.com/616386 - | |
References | () https://codereview.chromium.org/2077283004 - | |
References | () http://www.securitytracker.com/id/1036826 - | |
References | () https://security.gentoo.org/glsa/201610-09 - | |
References | () http://www.debian.org/security/2016/dsa-3667 - |
29 Aug 2022, 20:43
Type | Values Removed | Values Added |
---|---|---|
First Time |
Nodejs
Debian debian Linux Debian Nodejs node.js |
|
CPE | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
|
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2016-1905.html - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201610-09 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/92942 - Third Party Advisory, VDB Entry | |
References | (DEBIAN) http://www.debian.org/security/2016/dsa-3667 - Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id/1036826 - Third Party Advisory, VDB Entry |
Information
Published : 2016-09-25 20:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-5172
Mitre link : CVE-2016-5172
CVE.ORG link : CVE-2016-5172
JSON object : View
Products Affected
nodejs
- node.js
debian
- debian_linux
- chrome
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor