CVE-2016-5172

Published: 9/25/2016 Last updated: 8/6/2024 Reserved: 5/31/2016

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.

CNA assigner: Chrome (ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28) Requested by: n/a

Opam packages affected (1)

conf-npm

Products affected (1)

Product	Vendor	Version
n/a	n/a	Snapdragon X55 5G Modem-RF System

References (16)

https://crbug.com/616386
http://www.debian.org/security/2016/dsa-3667
http://www.securitytracker.com/id/1036826
http://www.securityfocus.com/bid/92942
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html
https://codereview.chromium.org/2077283004
https://security.gentoo.org/glsa/201610-09
http://rhn.redhat.com/errata/RHSA-2016-1905.html
https://crbug.com/616386
http://www.debian.org/security/2016/dsa-3667
http://www.securitytracker.com/id/1036826
http://www.securityfocus.com/bid/92942
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html
https://codereview.chromium.org/2077283004
https://security.gentoo.org/glsa/201610-09
http://rhn.redhat.com/errata/RHSA-2016-1905.html