Buffer Overflow Vulnerability in Google V8 Used in Google Chrome
CVE-2013-6638

Currently unrated

Key Information:

Vendor: Google
Status: Chrome; V8
Vendor: CVE Published:; 7 December 2013

Summary

Multiple buffer overflows in the runtime.cc file of Google V8 prior to version 3.22.24.7, which is employed in Google Chrome releases earlier than 31.0.1650.63, allow remote attackers to exploit these vulnerabilities. By triggering large typed arrays with the Runtime_TypedArrayInitialize and Runtime_TypedArrayInitializeFromArrayLike functions, a remote attacker may cause a denial of service or possibly invoke other unspecified impacts.

References

http://secunia.com/advisories/56217

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-updates/2013-12/msg001...

vendor-advisoryx_refsource_SUSE

http://code.google.com/p/v8/source/detail?r=17800

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 7, 2013
Vulnerability Reserved
Nov 5, 2013