HTTP: Google Chrome CVE-2016-1688 Denial Of Service

This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can lead to denial of service condition.

Extended Description

The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

Affected Products

Google v8

References

CVE: CVE-2016-1688

Short Name
HTTP:STC:CHROME:CVE-2016-1688
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-1688 Chrome Denial Google Of Service
Release Date
05/15/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Google

Suse

Redhat

Opensuse

Debian

Canonical

CVSS Score

4.3

Found a potential security threat?