Lucene search

[email protected]CVE-2015-6771

HistoryDec 06, 2015 - 1:59 a.m.

CVE-2015-6771

2015-12-0601:59:00

CWE-119

[email protected]

web.nvd.nist.gov

google v8

google chrome

cve-2015-6771

denial of service

remote attackers

javascript code

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code.

CPENameOperatorVersion
google:chromegoogle chromele46.0.2490.86

CPE	Name	Operator	Version
google:chrome	google chrome	le	46.0.2490.86

References

googlechromereleases.blogspot.com/2015/12/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html

www.debian.org/security/2015/dsa-3415

www.securitytracker.com/id/1034298

www.ubuntu.com/usn/USN-2825-1

chromium.googlesource.com/v8/v8/+/c227dd5734efa41e4973c834c910bb684a9e1998

code.google.com/p/chromium/issues/detail?id=544991

security.gentoo.org/glsa/201603-09

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2015-6771

ubuntucve1 prion1 debiancve1 nessus9 openvas9 ubuntu1 mageia1 osv1 debian2 archlinux1 threatpost1 redhat1 freebsd1 chrome1 suse2 gentoo1