4284 matches found
V8: Memory Corruption and Stack Overflow
It was discovered that V8 did not properly check the stack size limit in certain cases. A remote attacker able to send a request that caused a script executed by V8 to use deep recursion could trigger a stack overflow, leading to a crash of an application using V8...
v8: multiple vulnerabilities fixed in Google Chrome version 33.0.1750.149
Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...
v8: IPC and v8 issue fixed in Google Chrome 38.0.2125.101
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...
UBUNTU-CVE-2014-7967
Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to cause a denial of service or possibly have other impact via unknown vectors...
UBUNTU-CVE-2014-3188
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...
UBUNTU-CVE-2014-3195
Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive...
Google Chrome < 38.0.2125.101 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - A flaw exists in V8 and IPC that can lead to remote code execution. CVE-2014-3188 - Out-of-bounds read errors exist in PDFium. CVE-2014-318...
UBUNTU-CVE-2014-3176
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...
UBUNTU-CVE-2014-3177
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...
[SECURITY] Fedora 19 Update: v8-3.14.5.10-11.fc19
V8 is Google's open source JavaScript engine. V8 is written in C++ and is u sed in Google Chrome, the open source browser from Google. V8 implements ECMASc ript as specified in ECMA-262, 3rd edition...
pwn4fun Spring 2014 - Safari - Part I
Posted by Ian Beer Back in March this year I entered the pwn4fun hacking contest at CanSecWest http://www.pwn2own.com/2014/03/pwning-lulzand-charity/ targeting Safari running on a brand new MacBook Air. In this first post I’ll detail how I got code execution within the Safari renderer sandbox usi...
Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow Vulnerability
source: http://www.securityfocus.com/bid/31155/info Avant Browser is prone to an integer-overflow vulnerability that occurs in the JavaScript engine. An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious site. Successfully exploiting this issue may allow...
openSUSE Security Update : v8 (openSUSE-SU-2013:0241-1)
The JavaScript engine V8 was updated to 3.16.4.0 to fix lots of bugs and security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-79. The text description of this plugin ...
openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)
Mozilla XULRunner 1.9.1 was updated to version 1.9.1.17, fixing various security issues. Following security issues were fixed: MFSA 2010-74 / CVE-2010-3777: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products...
Google Chrome < 35.0.1916.114 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 35.0.1916.114. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to 'styles' and 'SVG' handling. CVE-2014-1743, CVE-2014-1745 - An integer overflow error exis...
UBUNTU-CVE-2014-3152
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...
UBUNTU-CVE-2014-1736
Integer overflow in api.cc in Google V8, as used in Google Chrome before 34.0.1847.131 on Windows and OS X and before 34.0.1847.132 on Linux, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value...
Google Chrome < 34.0.1847.131 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 34.0.1847.131. It is, therefore, affected by the following vulnerabilities : - A buffer overflow error exists related to the included version of Flash Player. CVE-2014-0515 - Type confusion errors exist relat...
Google Chrome < 34.0.1847.131 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is a version prior to 34.0.1847.131. It is, therefore, affected by the following vulnerabilities : - A buffer overflow error exists related to the included version of Flash Player. CVE-2014-0515 - Type confusion errors exist related to the...
Google Chrome < 34.0.1847.116 Multiple Vulnerabilities
Binary data 8208.pasl...