CVE-2017-15428 (retired)

Priority
Description
Insufficient data validation in V8 builtins string generator could lead to
out of bounds read and write access in V8 in Google Chrome prior to
62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside
a sandbox via a crafted HTML page.
Package
Upstream:released (63.0.3239.84-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [no longer updated])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (74.0.3729.169-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (74.0.3729.169-0ubuntu0.16.04.1)
Ubuntu 19.04 (Disco Dingo):not-affected (74.0.3729.169-0ubuntu0.16.04.1)
Ubuntu 19.10 (Eoan):not-affected (74.0.3729.169-0ubuntu0.16.04.1)
More Information

Updated: 2019-09-19 16:02:31 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)