Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive information via crafted JavaScript code, related to the PagedSpace::AllocateRaw and NewSpace::AllocateRaw functions in heap/spaces-inl.h, the LargeObjectSpace::AllocateRaw function in heap/spaces.cc, and the Runtime_ArrayConcat function in runtime.cc.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google V8 资源管理错误漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Google V8是其中的一套开源JavaScript引擎。 Google Chrome 38.0.2125.7及之前版本中使用的Google V8中存在安全漏洞,该漏洞源于程序没有正确追踪未初始化的堆内存分配,而且没有正确串联双精度浮点组。远程攻击者可借助特制的JavaScript代码利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A