CVE-2017-5030
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- January 02, 2017
- Published Date
- April 24, 2017
- Last Updated
- January 29, 2025
- Vendor
- n/a
- Product
- Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac, and 57.0.2987.108 for Android
- Description
- Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVSS Scores
CVSS v3.1
8.8 - HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2022-06-08 00:00:00 UTC) Source
References
https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
https://security.gentoo.org/glsa/201704-02
https://crbug.com/682194
http://www.debian.org/security/2017/dsa-3810
http://www.securityfocus.com/bid/96767
http://rhn.redhat.com/errata/RHSA-2017-0499.html
https://www.zerodayinitiative.com/advisories/ZDI-20-126/
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-06-08 00:00:00 UTC |