Vulnerability Details : CVE-2016-1683
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-1683
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1683
4.80%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1683
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.6
|
5.9
|
NIST |
CWE ids for CVE-2016-1683
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1683
-
https://security.gentoo.org/glsa/201607-07
Chromium: Multiple vulnerabilities (GLSA 201607-07) — Gentoo security
-
https://support.apple.com/HT206905
About the security content of tvOS 9.2.2 - Apple Support
-
https://support.apple.com/HT206899
About the security content of iCloud for Windows 5.2.1 - Apple Support
-
https://support.apple.com/HT206903
About the security content of OS X El Capitan v10.11.6 and Security Update 2016-004 - Apple Support
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
Apple - Lists.apple.com
-
http://www.securityfocus.com/bid/90876
Google Chrome Prior to 51.0.2704.63 Multiple Security Vulnerabilities
-
https://bugzilla.redhat.com/show_bug.cgi?id=1340016
1340016 – (CVE-2016-1683) CVE-2016-1683 chromium-browser: out-of-bounds access in libxsltIssue Tracking
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
[security-announce] openSUSE-SU-2016:1496-1: important: Security updateThird Party Advisory
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
Apple - Lists.apple.com
-
https://support.apple.com/HT206902
About the security content of iOS 9.3.3 - Apple Support
-
http://www.debian.org/security/2016/dsa-3605
Debian -- Security Information -- DSA-3605-1 libxslt
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
Apple - Lists.apple.com
-
http://www.securityfocus.com/bid/91826
Apple iTunes APPLE-SA-2016-07-18-6 Multiple Memory Corruption Vulnerabilities
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
[security-announce] openSUSE-SU-2016:1430-1: important: Security updateThird Party Advisory
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
Apple - Lists.apple.com
-
http://www.securitytracker.com/id/1035981
Google Chrome Multiple Flaws Lets Remote Users Bypass Same-Origin Restrictions, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTrackerThird Party Advisory
-
https://crbug.com/583156
583156 - Security: Type confusion and UAF in libxslt - chromium - MonorailPermissions Required
-
https://support.apple.com/HT206901
About the security content of iTunes 12.4.2 for Windows - Apple Support
-
https://access.redhat.com/errata/RHSA-2016:1190
RHSA-2016:1190 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
Apple - Lists.apple.com
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
[SECURITY] Fedora 30 Update: mingw-libxslt-1.1.33-1.fc30 - package-announce - Fedora Mailing-Lists
-
http://www.debian.org/security/2016/dsa-3590
Debian -- Security Information -- DSA-3590-1 chromium-browserThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
[security-announce] openSUSE-SU-2016:1433-1: important: Security updateThird Party Advisory
-
https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
Fix xsltNumberFormatGetMultipleLevel (d182d8f6) · Commits · GNOME / libxslt · GitLab
-
http://www.ubuntu.com/usn/USN-2992-1
USN-2992-1: Oxide vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://support.apple.com/HT206904
About the security content of watchOS 2.2.2 - Apple Support
Jump to