9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
rhn.redhat.com/errata/RHSA-2016-1080.html
rhn.redhat.com/errata/RHSA-2017-0002.html
www.debian.org/security/2016/dsa-3590
www.securityfocus.com/bid/90584
www.securitytracker.com/id/1035872
www.ubuntu.com/usn/USN-2960-1
access.redhat.com/errata/RHSA-2017:0879
access.redhat.com/errata/RHSA-2017:0880
access.redhat.com/errata/RHSA-2017:0881
access.redhat.com/errata/RHSA-2017:0882
access.redhat.com/errata/RHSA-2018:0336
codereview.chromium.org/1945313002
crbug.com/606115
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/
security.gentoo.org/glsa/201605-02
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.035 Low
EPSS
Percentile
91.6%