CVE-2016-5198 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-5198 PUBLISHED KEV

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.

EPSS 77.91% · 99.0th percentile

Risk Scores

EPSS Score

77.91%

99.0th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	libv8-3.14	3.14.5.8-5ubuntu2, 0
Ubuntu:16.04:LTS	chromium-browser	47.0.2526.73-0ubuntu1.1218, 53.0.2785.143-0ubuntu0.16.04.1.1257, 53.0.2785.143-0ubuntu0.16.04.1.1254
Ubuntu:14.04:LTS	chromium-browser	47.0.2526.73-0ubuntu0.14.04.1.1106, 48.0.2564.82-0ubuntu0.14.04.1.1108, 49.0.2623.87-0ubuntu0.14.04.1.1112
Ubuntu:18.04:LTS	libv8-3.14	3.14.5.8-11ubuntu1, 0
Ubuntu:14.04:LTS	oxide-qt	1.12.6-0ubuntu0.14.04.1, 1.8.4-0ubuntu0.14.04.2, 1.9.1-0ubuntu0.14.04.2
Ubuntu:16.04:LTS	oxide-qt	1.11.4-0ubuntu1, 1.11.5-0ubuntu1, 1.12.5-0ubuntu1

Timeline

Nov 4, 2016 CVE Published
Feb 4, 2022 EPSS Score
May 19, 2022 EPSS Score
Jun 8, 2022 CISA KEV Added
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Nov 30, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Aug 31, 2023 EPSS Score
Oct 2, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2016-5198 third-party-advisory
https://ubuntu.com/security/notices/USN-3133-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2016-5198 third-party-advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory

Open in Interactive Console →