An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
The product reads data past the end, or before the beginning, of the intended buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | * | 57.0.2987.133 (excluding) | |
Red Hat Enterprise Linux 6 Supplementary | RedHat | chromium-browser-0:57.0.2987.133-1.el6_9 | * |
Chromium-browser | Ubuntu | artful | * |
Chromium-browser | Ubuntu | bionic | * |
Chromium-browser | Ubuntu | cosmic | * |
Chromium-browser | Ubuntu | devel | * |
Chromium-browser | Ubuntu | precise | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Chromium-browser | Ubuntu | xenial | * |
Chromium-browser | Ubuntu | yakkety | * |
Chromium-browser | Ubuntu | zesty | * |
Libv8 | Ubuntu | precise | * |
Libv8-3.14 | Ubuntu | artful | * |
Libv8-3.14 | Ubuntu | bionic | * |
Libv8-3.14 | Ubuntu | cosmic | * |
Libv8-3.14 | Ubuntu | devel | * |
Libv8-3.14 | Ubuntu | esm-apps/bionic | * |
Libv8-3.14 | Ubuntu | esm-apps/xenial | * |
Libv8-3.14 | Ubuntu | trusty | * |
Libv8-3.14 | Ubuntu | upstream | * |
Libv8-3.14 | Ubuntu | xenial | * |
Libv8-3.14 | Ubuntu | yakkety | * |
Libv8-3.14 | Ubuntu | zesty | * |
Oxide-qt | Ubuntu | artful | * |
Oxide-qt | Ubuntu | esm-infra/xenial | * |
Oxide-qt | Ubuntu | trusty | * |
Oxide-qt | Ubuntu | vivid/stable-phone-overlay | * |
Oxide-qt | Ubuntu | xenial | * |
Oxide-qt | Ubuntu | yakkety | * |
Oxide-qt | Ubuntu | zesty | * |