CVE-2016-1646 (GCVE-0-2016-1646)
Vulnerability from cvelistv5
Published
2016-03-29 10:00
Modified
2025-07-30 01:46
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
  • n/a
Summary
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
References
chrome-cve-admin@google.com http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html Release Notes, Vendor Advisory
chrome-cve-admin@google.com http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html Mailing List, Third Party Advisory
chrome-cve-admin@google.com http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html Mailing List, Third Party Advisory
chrome-cve-admin@google.com http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html Mailing List, Third Party Advisory
chrome-cve-admin@google.com http://rhn.redhat.com/errata/RHSA-2016-0525.html Third Party Advisory
chrome-cve-admin@google.com http://www.debian.org/security/2016/dsa-3531 Mailing List, Third Party Advisory
chrome-cve-admin@google.com http://www.securitytracker.com/id/1035423 Broken Link, Third Party Advisory, VDB Entry
chrome-cve-admin@google.com http://www.ubuntu.com/usn/USN-2955-1 Third Party Advisory
chrome-cve-admin@google.com https://code.google.com/p/chromium/issues/detail?id=594574 Exploit, Issue Tracking, Mailing List
chrome-cve-admin@google.com https://codereview.chromium.org/1804963002/ Patch
chrome-cve-admin@google.com https://security.gentoo.org/glsa/201605-02 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://rhn.redhat.com/errata/RHSA-2016-0525.html Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.debian.org/security/2016/dsa-3531 Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id/1035423 Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.ubuntu.com/usn/USN-2955-1 Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://code.google.com/p/chromium/issues/detail?id=594574 Exploit, Issue Tracking, Mailing List
af854a3a-2127-422b-91ae-364da2661108 https://codereview.chromium.org/1804963002/ Patch
af854a3a-2127-422b-91ae-364da2661108 https://security.gentoo.org/glsa/201605-02 Third Party Advisory
Impacted products
Vendor Product Version
n/a n/a Version: n/a
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2022-06-08

Due date: 2022-06-22

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-1646

Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:02:12.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2016:0525",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0525.html"
          },
          {
            "name": "openSUSE-SU-2016:0929",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html"
          },
          {
            "name": "openSUSE-SU-2016:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html"
          },
          {
            "name": "DSA-3531",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3531"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://codereview.chromium.org/1804963002/"
          },
          {
            "name": "1035423",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035423"
          },
          {
            "name": "openSUSE-SU-2016:0930",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=594574"
          },
          {
            "name": "USN-2955-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2955-1"
          },
          {
            "name": "GLSA-201605-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201605-02"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2016-1646",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T17:19:02.506820Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-06-08",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-1646"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T01:46:39.965Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-06-08T00:00:00+00:00",
            "value": "CVE-2016-1646 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T18:57:01.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "RHSA-2016:0525",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0525.html"
        },
        {
          "name": "openSUSE-SU-2016:0929",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html"
        },
        {
          "name": "openSUSE-SU-2016:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html"
        },
        {
          "name": "DSA-3531",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3531"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://codereview.chromium.org/1804963002/"
        },
        {
          "name": "1035423",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035423"
        },
        {
          "name": "openSUSE-SU-2016:0930",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=594574"
        },
        {
          "name": "USN-2955-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2955-1"
        },
        {
          "name": "GLSA-201605-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201605-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2016-1646",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2016:0525",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0525.html"
            },
            {
              "name": "openSUSE-SU-2016:0929",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html"
            },
            {
              "name": "openSUSE-SU-2016:1059",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html"
            },
            {
              "name": "DSA-3531",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3531"
            },
            {
              "name": "https://codereview.chromium.org/1804963002/",
              "refsource": "CONFIRM",
              "url": "https://codereview.chromium.org/1804963002/"
            },
            {
              "name": "1035423",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035423"
            },
            {
              "name": "openSUSE-SU-2016:0930",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=594574",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=594574"
            },
            {
              "name": "USN-2955-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2955-1"
            },
            {
              "name": "GLSA-201605-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201605-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2016-1646",
    "datePublished": "2016-03-29T10:00:00.000Z",
    "dateReserved": "2016-01-12T00:00:00.000Z",
    "dateUpdated": "2025-07-30T01:46:39.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2016-1646",
      "cwes": "[\"CWE-119\"]",
      "dateAdded": "2022-06-08",
      "dueDate": "2022-06-22",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2016-1646",
      "product": "Chromium V8",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.",
      "vendorProject": "Google",
      "vulnerabilityName": "Google Chromium V8 Out-of-Bounds Read Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1646\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2016-03-29T10:59:00.160\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de Array.prototype.concat en builtins.cc en Google V8, tal como se utiliza en Google Chrome en versiones anteriores a 49.0.2623.108, no considera adecuadamante los tipos de datos del elemento, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de c\u00f3digo JavaScript manipulado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-06-08\",\"cisaActionDue\":\"2022-06-22\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Google Chromium V8 Out-of-Bounds Read Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E88A537F-F4D0-46B9-9E37-965233C2A355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"49.0.2623.108\",\"matchCriteriaId\":\"8D0E4F36-3A08-4A84-A0ED-C8BF1CD72EDD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"284A8DA0-317B-4BBE-AECB-7E91BBF0DD3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"967EC28A-607F-48F4-AD64-5E3041C768F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]}],\"references\":[{\"url\":\"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0525.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3531\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1035423\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2955-1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=594574\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://codereview.chromium.org/1804963002/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://security.gentoo.org/glsa/201605-02\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0525.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2016/dsa-3531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1035423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-2955-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=594574\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://codereview.chromium.org/1804963002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://security.gentoo.org/glsa/201605-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0525.html\", \"name\": \"RHSA-2016:0525\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html\", \"name\": \"openSUSE-SU-2016:0929\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html\", \"name\": \"openSUSE-SU-2016:1059\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3531\", \"name\": \"DSA-3531\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://codereview.chromium.org/1804963002/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1035423\", \"name\": \"1035423\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html\", \"name\": \"openSUSE-SU-2016:0930\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://code.google.com/p/chromium/issues/detail?id=594574\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2955-1\", \"name\": \"USN-2955-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201605-02\", \"name\": \"GLSA-201605-02\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T23:02:12.453Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-1646\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T17:19:02.506820Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-06-08\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2016-1646\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T17:17:07.258Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-06-08T00:00:00+00:00\", \"value\": \"CVE-2016-1646 added to CISA KEV\"}]}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-03-24T00:00:00.000Z\", \"references\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0525.html\", \"name\": \"RHSA-2016:0525\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html\", \"name\": \"openSUSE-SU-2016:0929\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html\", \"name\": \"openSUSE-SU-2016:1059\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3531\", \"name\": \"DSA-3531\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://codereview.chromium.org/1804963002/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1035423\", \"name\": \"1035423\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html\", \"name\": \"openSUSE-SU-2016:0930\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://code.google.com/p/chromium/issues/detail?id=594574\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-2955-1\", \"name\": \"USN-2955-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://security.gentoo.org/glsa/201605-02\", \"name\": \"GLSA-201605-02\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2016-11-30T18:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-0525.html\", \"name\": \"RHSA-2016:0525\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00000.html\", \"name\": \"openSUSE-SU-2016:0929\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00039.html\", \"name\": \"openSUSE-SU-2016:1059\", \"refsource\": \"SUSE\"}, {\"url\": \"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\", \"name\": \"http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3531\", \"name\": \"DSA-3531\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://codereview.chromium.org/1804963002/\", \"name\": \"https://codereview.chromium.org/1804963002/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1035423\", \"name\": \"1035423\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00001.html\", \"name\": \"openSUSE-SU-2016:0930\", \"refsource\": \"SUSE\"}, {\"url\": \"https://code.google.com/p/chromium/issues/detail?id=594574\", \"name\": \"https://code.google.com/p/chromium/issues/detail?id=594574\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2955-1\", \"name\": \"USN-2955-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://security.gentoo.org/glsa/201605-02\", \"name\": \"GLSA-201605-02\", \"refsource\": \"GENTOO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-1646\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@google.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2016-1646\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-28T19:45:25.722Z\", \"dateReserved\": \"2016-01-12T00:00:00.000Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2016-03-29T10:00:00.000Z\", \"assignerShortName\": \"Chrome\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.