Vulnerability Details : CVE-2016-1660
Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::double_conversion::Vector classes, which allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted web site.
Vulnerability category: Denial of service
Products affected by CVE-2016-1660
- cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.7z:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1660
1.36%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 78 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1660
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
|
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2016-1660
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1660
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html
[security-announce] openSUSE-SU-2016:1207-1: important: Security update
-
http://www.ubuntu.com/usn/USN-2960-1
USN-2960-1: Oxide vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
[security-announce] openSUSE-SU-2016:1655-1: important: Security update
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html
[security-announce] openSUSE-SU-2016:1208-1: important: Security update
-
https://codereview.chromium.org/1672603002
Issue 1672603002: Change assert to release assert for BitArray to prevent out-of-bounds access. - Code Review
-
http://www.securityfocus.com/bid/89106
Google Chrome Prior to 50.0.2661.94 Multiple Security Vulnerabilities
-
https://security.gentoo.org/glsa/201605-02
Chromium: Multiple vulnerabilities (GLSA 201605-02) — Gentoo security
-
http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html
Chrome Releases: Stable Channel Update
-
http://www.debian.org/security/2016/dsa-3564
Debian -- Security Information -- DSA-3564-1 chromium-browser
-
https://codereview.chromium.org/1677363002
Issue 1677363002: Change assert to release assert for WTF::double_conversion::Vector to prevent OOB memory access. - Code Review
-
https://crbug.com/574802
574802 - ASSERTION FAILED: index < arraySize - chromium - Monorail
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html
[security-announce] openSUSE-SU-2016:1209-1: important: Security update
-
http://rhn.redhat.com/errata/RHSA-2016-0707.html
RHSA-2016:0707 - Security Advisory - Red Hat Customer Portal
Jump to