what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2016-1669

Status Candidate

Overview

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.

Related Files

Red Hat Security Advisory 2018-0336-01
Posted Feb 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0336-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-6459, CVE-2014-8183, CVE-2016-1669, CVE-2016-3693, CVE-2016-3696, CVE-2016-3704, CVE-2016-4451, CVE-2016-4995, CVE-2016-4996, CVE-2016-6319, CVE-2016-8639, CVE-2016-9593, CVE-2016-9595, CVE-2017-2667, CVE-2017-2672
SHA-256 | f33fdbb9f17a9910f6bb8747cd69b73e5a65222f0d44324a839bac58722b9798
Red Hat Security Advisory 2017-0882-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0882-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b674a25c203085102059e046eef50d9ddd2935f8aeff93d3a82c1b92766c6b11
Red Hat Security Advisory 2017-0880-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0880-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b9bd3d751642aa95bc54de0d855132f51ca43ead478fb94dd12a4bd0281fe752
Red Hat Security Advisory 2017-0881-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0881-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | bea0b64f2a4443e4c40404ed6aad20164128fc2a0cfcfd3afbadce45566f9ffb
Red Hat Security Advisory 2017-0879-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0879-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | 9cf7b3d5d5e9c44892f94ab840b31ca88fb08221f05cbfb0fa79ca231c9666f2
Red Hat Security Advisory 2017-0002-01
Posted Jan 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0002-01 - Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. The following packages have been upgraded to a newer upstream version: rh-nodejs4-nodejs, rh-nodejs4-http-parser. Security Fix: It was found that Node.js' tls.checkServerIdentity() function did not properly validate server certificates containing wildcards. A malicious TLS server could use this flaw to get a specially crafted certificate accepted by a Node.js TLS client.

tags | advisory, web, javascript
systems | linux, redhat
advisories | CVE-2016-1669, CVE-2016-5180, CVE-2016-5325, CVE-2016-7099
SHA-256 | 487f8935425fab345c81e3d7c667d1f0fbea527ff25fc99538a766b46a2d968b
HP Security Bulletin HPSBGN03680 1
Posted Dec 1, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03680 1 - Potential security vulnerabilities were identified in HPE Propel. The vulnerabilities could be exploited locally to allow escalation of privilege or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-1669, CVE-2016-4997, CVE-2016-5195
SHA-256 | 57a0b8f53e3c2c80c2ca5903690e675b6c3f71b3a6a625cac0aa6d580cc1d45d
Apple Security Advisory 2016-10-27-1
Posted Oct 28, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-10-27-1 - Xcode 8.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-3193, CVE-2015-3194, CVE-2015-6764, CVE-2015-8027, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-1669, CVE-2016-2086, CVE-2016-2216
SHA-256 | df4e9e18d07031af03162429c5cf5f429609a92fcbc73263b3a265198afd9ef3
Debian Security Advisory 3590-1
Posted Jun 1, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3590-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1672, CVE-2016-1673, CVE-2016-1674, CVE-2016-1675, CVE-2016-1676, CVE-2016-1677, CVE-2016-1678, CVE-2016-1679, CVE-2016-1680, CVE-2016-1681, CVE-2016-1682, CVE-2016-1683, CVE-2016-1684, CVE-2016-1685, CVE-2016-1686, CVE-2016-1687, CVE-2016-1688, CVE-2016-1689, CVE-2016-1690, CVE-2016-1691, CVE-2016-1692, CVE-2016-1693, CVE-2016-1694, CVE-2016-1695
SHA-256 | 2eb8ab6a5247168fe00cbb95698acbd6ddd274b0ca4fa6a206624a6c2e994ad4
Ubuntu Security Notice USN-2960-1
Posted May 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2960-1 - An out of bounds write was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. It was discovered that Blink assumes that a frame which passes same-origin checks is local in some cases. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-1660, CVE-2016-1661, CVE-2016-1663, CVE-2016-1665, CVE-2016-1666, CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670
SHA-256 | 8927d0b54e916b7294291432f529410e17c0583a0211c9e14a3cf41075200b01
Gentoo Linux Security Advisory 201605-02
Posted May 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-2 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 50.0.2661.102 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1646, CVE-2016-1647, CVE-2016-1648, CVE-2016-1649, CVE-2016-1650, CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659, CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666, CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671
SHA-256 | 3d35e4f94f3e0d5fc1ec1b66fbcd0077314511b7d86948997867d9fcca1414b0
Red Hat Security Advisory 2016-1080-01
Posted May 13, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1080-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.102. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670
SHA-256 | 96a2ef3caa485f8a2cd13aeccd168bd4739b6ebbd1bb2c0819aa0cf395192ca7
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close