Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
Max CVSS
8.8
EPSS Score
2.53%
Published
2016-07-23
Updated
2017-09-01
Heap-based buffer overflow in the ByteArray::Get method in data/byte_array.cc in Google sfntly before 2016-06-10, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SFNT font.
Max CVSS
8.8
EPSS Score
2.34%
Published
2016-07-23
Updated
2017-09-01
2 vulnerabilities found