Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2E18D567B97F0C78D1C67EA5C6AF3C580DB1B006B93EF17156FB5BD08C16358A
HistoryAug 03, 2018 - 4:23 a.m.

Security Bulletin: Buffer overflow in V8 in Node.js affects IBM Rational Application Developer for WebSphere Software included in Rational Developer for i and Rational Developer for AIX and Linux

2018-08-0304:23:43
www.ibm.com
14

0.035 Low

EPSS

Percentile

91.5%

JSON

Summary

Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for i (RPG and COBOL + Modernization Tools, Java and EGL editions), and Rational Developer for AIX and Linux.
Under certain conditions, V8 may improperly expand memory allocations in the Zone::New function. This could potentially be used to cause a Denial of Service via buffer overflow or as a trigger for a remote code execution. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVE (CVE-2016-1669).

Vulnerability Details

CVEID: CVE-2016-1669**
DESCRIPTION:** Google Chrome is vulnerable to a buffer overflow, caused by an error in V8. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113145 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

Affected Products and Versions

Affected Product and Version(s)

| Product and Version shipped as a component
—|—
IBM Rational Developer for i v9.1, v9.1.1, v9.1.1.1, v9.5, v9.5.0.1, 9.5.0.2, 9.5.0.3, RPG and COBOL + Modernization Tools, Java Edition| Rational Application Developer 9.1, 9.1.1, 9.5
IBM Rational Developer for i v9.1, v9.1.1 and v9.1.1.1, v9.5, v9.5.0.1, 9.5.0.2, 9.5.0.3, RPG and COBOL + Modernization Tools, EGL Edition| Rational Application Developer 9.1, 9.1.1, 9.5
IBM Rational Developer for AIX and Linux v9.1, v9.1.1, v9.1.1.1, v9.1.1.2 and v9.1.1.3, AIX COBOL Edition| Rational Application Developer 9.1, 9.1.1
IBM Rational Developer for AIX and Linux v9.1, v9.1.1, v9.1.1.1, v9.1.1.2 and v9.1.1.3, C/C++ Edition| Rational Application Developer 9.1, 9.1.1

Remediation/Fixes

Review the Remediation/Fixes section of Security Bulletin: Buffer overflow in V8 for instructions on obtaining the fix for this issue.

Related

nessus 20
redhat 7
ibm 6
f5 1
veracode 1
cvelist 1
cve 1
fedora 2
openvas 13
prion 1
mageia 2
ubuntucve 1
nvd 1
debiancve 1
nodejsblog 1
suse 4
archlinux 1
kaspersky 1
threatpost 1
chrome 1
freebsd 1
ubuntu 1
apple 2
gentoo 1
osv 1
debian 2
nessus
nessus
RHEL 6 : v8 (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : v8 (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 24 : 1:v8 (2016-e720bc8451)
2016-08-09 00:00:00
redhat
redhat
(RHSA-2017:0881) Moderate: v8 security update
2017-04-05 02:04:25
(RHSA-2017:0880) Moderate: v8 security update
2017-04-05 02:04:19
(RHSA-2017:0882) Moderate: v8 security update
2017-04-05 02:04:30
ibm
ibm
Security Bulletin: IBM® SDK for Node.js™ may be affected by CVE-2016-1669
2018-08-09 04:20:36
Security Bulletin: IBM® SDK for Node.js™ in IBM Bluemix may be affected by CVE-2016-1669
2018-08-09 04:20:36
Security Bulletin: Vulnerabilities in node.js processing affect IBM DataPower Gateways
2018-06-15 07:06:13
f5
f5
K35655050 : NodeJS vulnerability CVE-2016-1669
2017-04-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:14:45
cvelist
cvelist
CVE-2016-1669
2016-05-14 21:00:00
cve
cve
CVE-2016-1669
2016-05-14 21:59:09
fedora
fedora
[SECURITY] Fedora 23 Update: v8-3.14.5.10-25.fc23
2016-08-09 07:26:55
[SECURITY] Fedora 24 Update: v8-3.14.5.10-25.fc24
2016-08-08 20:36:51
openvas
openvas
Fedora Update for v8 FEDORA-2016-6fd3131c03
2016-08-10 00:00:00
Fedora Update for v8 FEDORA-2016-e720bc8451
2016-08-09 00:00:00
Mageia: Security Advisory (MGASA-2016-0307)
2022-01-28 00:00:00
prion
prion
Buffer overflow
2016-05-14 21:59:00
mageia
mageia
Updated nodejs packages fix security vulnerability
2016-09-21 23:38:22
Updated chromium-browser-stable packages fix security vulnerability
2016-05-18 23:14:22
ubuntucve
ubuntucve
CVE-2016-1669
2016-05-13 00:00:00
nvd
nvd
CVE-2016-1669
2016-05-14 21:59:09
debiancve
debiancve
CVE-2016-1669
2016-05-14 21:59:09
nodejsblog
nodejsblog
Security updates for all active release lines, June 2016
2016-06-13 00:00:00
suse
suse
Security update for Chromium (important)
2016-05-16 13:07:48
Security update for Chromium (important)
2016-05-17 21:07:44
Security update for nodejs (important)
2016-10-11 19:20:03
archlinux
archlinux
chromium: multiple issues
2016-05-12 00:00:00
kaspersky
kaspersky
KLA10809 Multiple vulnerabilities in Google Chrome
2016-05-11 00:00:00
threatpost
threatpost
5 Vulnerabilities Fixed In Chrome Browser, Google Pays $20K to Bug Hunters
2016-05-12 11:58:15
chrome
chrome
Stable Channel Update
2016-05-11 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2016-05-11 00:00:00
ubuntu
ubuntu
Oxide vulnerabilities
2016-05-18 00:00:00
apple
apple
About the security content of Xcode 8.1
2016-10-27 00:00:00
About the security content of Xcode 8.1 - Apple Support
2017-01-23 05:36:06
gentoo
gentoo
Chromium: Multiple vulnerabilities
2016-05-14 00:00:00
osv
osv
chromium-browser - security update
2016-06-01 00:00:00
debian
debian
[SECURITY] [DSA 3590-1] chromium-browser security update
2016-06-01 03:49:42
[SECURITY] [DSA 3590-1] chromium-browser security update
2016-06-01 03:49:42

0.035 Low

EPSS

Percentile

91.5%

JSON
Related for 2E18D567B97F0C78D1C67EA5C6AF3C580DB1B006B93EF17156FB5BD08C16358A
nessus20redhat7ibm6f51veracode1cvelist1cve1fedora2openvas13prion1mageia2ubuntucve1nvd1debiancve1nodejsblog1suse4archlinux1kaspersky1threatpost1chrome1freebsd1ubuntu1apple2gentoo1osv1debian2