CVE-2016-5172 - OpenCVE

The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Nodejs	Node.js
Google	Chrome

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2016-1905.html
http://www.debian.org/security/2016/dsa-3667
http://www.securityfocus.com/bid/92942
http://www.securitytracker.com/id/1036826
https://codereview.chromium.org/2077283004
https://crbug.com/616386
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html
https://security.gentoo.org/glsa/201610-09

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Chrome

Published: 2016-09-25T20:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2016-05-31T00:00:00

Link: CVE-2016-5172

JSON object: View

NVD Information

Status : Modified

Published: 2016-09-25T20:59:04.260

Modified: 2023-11-07T02:33:14.157

Link: CVE-2016-5172

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-09-13T00:00:00", "descriptions": [{"lang": "en", "value": "The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://crbug.com/616386"}, {"name": "DSA-3667", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3667"}, {"name": "1036826", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036826"}, {"name": "92942", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92942"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://codereview.chromium.org/2077283004"}, {"name": "GLSA-201610-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201610-09"}, {"name": "RHSA-2016:1905", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1905.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2016-5172", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://crbug.com/616386", "refsource": "CONFIRM", "url": "https://crbug.com/616386"}, {"name": "DSA-3667", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3667"}, {"name": "1036826", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036826"}, {"name": "92942", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92942"}, {"name": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html", "refsource": "CONFIRM", "url": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html"}, {"name": "https://codereview.chromium.org/2077283004", "refsource": "CONFIRM", "url": "https://codereview.chromium.org/2077283004"}, {"name": "GLSA-201610-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-09"}, {"name": "RHSA-2016:1905", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1905.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2016-5172", "datePublished": "2016-09-25T20:00:00", "dateReserved": "2016-05-31T00:00:00", "dateUpdated": "2018-01-04T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC271026-1CD7-42F7-8754-1C5144AD590B", "versionEndIncluding": "53.0.2785.101", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "matchCriteriaId": "D107EC29-67E7-40C3-8E5A-324C9105C5E4", "versionEndIncluding": "6.8.1", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The parser in Google V8, as used in Google Chrome before 53.0.2785.113, mishandles scopes, which allows remote attackers to obtain sensitive information from arbitrary memory locations via crafted JavaScript code."}, {"lang": "es", "value": "El analizador en Google V8, como se usa en Google Chrome en versiones anteriores a 53.0.2785.113, no maneja correctamente alcances, lo que permite a atacantes remotos obtener informaci\u00f3n sensible desde localizaciones de memoria arbitrarias a trav\u00e9s de un c\u00f3digo JavaScript manipulado."}], "id": "CVE-2016-5172", "lastModified": "2023-11-07T02:33:14.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-09-25T20:59:04.260", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1905.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2016/dsa-3667"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/92942"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securitytracker.com/id/1036826"}, {"source": "chrome-cve-admin@google.com", "url": "https://codereview.chromium.org/2077283004"}, {"source": "chrome-cve-admin@google.com", "url": "https://crbug.com/616386"}, {"source": "chrome-cve-admin@google.com", "url": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html"}, {"source": "chrome-cve-admin@google.com", "url": "https://security.gentoo.org/glsa/201610-09"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}