Lucene search

K

ChromeCVELIST:CVE-2016-1677

HistoryJun 05, 2016 - 11:00 p.m.

CVE-2016-1677

2016-06-0523:00:00

Chrome

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging “type confusion.”

References

googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

www.debian.org/security/2016/dsa-3590

www.securityfocus.com/bid/90876

www.securitytracker.com/id/1035981

www.ubuntu.com/usn/USN-2992-1

access.redhat.com/errata/RHSA-2016:1190

codereview.chromium.org/1936083002

crbug.com/602970

security.gentoo.org/glsa/201607-07

6.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

Related for CVELIST:CVE-2016-1677

prion1 ubuntucve1 nvd1 redhatcve1 cve1 debiancve1 ubuntu1 openvas9 nessus9 freebsd1 mageia1 threatpost1 kaspersky1 redhat1 suse3 gentoo1 chrome1 archlinux1 debian2 osv1