Vulnerability Name: | CVE-2015-6764 (CCN-108361) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Assigned: | 2015-11-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Published: | 2015-11-25 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Updated: | 2022-08-16 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Summary: | The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used in Google Chrome before 47.0.2526.73, improperly loads array elements, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via crafted JavaScript code. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
3.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-119 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Denial of Service | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2015-6764 Source: CCN Type: Google Chrome Releases Web site Stable Channel Update Source: CONFIRM Type: Vendor Advisory http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html Source: SUSE Type: Mailing List, Third Party Advisory openSUSE-SU-2015:2290 Source: SUSE Type: Mailing List, Third Party Advisory openSUSE-SU-2015:2291 Source: SUSE Type: Mailing List, Third Party Advisory openSUSE-SU-2016:0138 Source: CCN Type: Node.js Web site Node.js Source: DEBIAN Type: Mailing List, Third Party Advisory DSA-3415 Source: CCN Type: IBM Security Bulletin 1972419 Multiple vulnerabilities in current releases of IBM SDK for Node.js Source: CCN Type: IBM Security Bulletin 1973447 Multiple vulnerabilities in current releases of IBM SDK for Node.js in IBM Bluemix Source: BID Type: Third Party Advisory, VDB Entry 78209 Source: CCN Type: BID-78209 Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1034298 Source: CCN Type: Red Hat Bugzilla Bug 1285774 (CVE-2015-6764) CVE-2015-6764 nodejs: unspecified out-of-bounds access vulnerability Source: CONFIRM Type: Vendor Advisory https://chromium.googlesource.com/v8/v8/+/6df9a1db8c85ab63dee63879456b6027df53fabc Source: CONFIRM Type: Issue Tracking, Vendor Advisory https://code.google.com/p/chromium/issues/detail?id=554946 Source: CONFIRM Type: Vendor Advisory https://codereview.chromium.org/1440223002 Source: XF Type: UNKNOWN nodejs-cve20156764-dos(108361) Source: CCN Type: Node.js Blog, 2015-11-25 CVE-2015-8027 Denial of Service Vulnerability / CVE-2015-6764 V8 Out-of-bounds Access Vulnerability Source: CCN Type: Node.js Blog, 2015-12-04 December Security Release Summary Source: GENTOO Type: Third Party Advisory GLSA-201603-09 Source: CCN Type: Apple security document HT207268 About the security content of Xcode 8.1 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
BACK |