cve/2020/CVE-2020-16040.md

### [CVE-2020-16040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040)
![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%2087.0.4280.88%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Insufficient%20data%20validation&color=brighgreen)

### Description

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

### POC

#### Reference
- http://packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/162144/Google-Chrome-SimplfiedLowering-Integer-Overflow.html

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Wi1L-Y/News
- https://github.com/anvbis/chrome_v8_ndays
- https://github.com/anvbis/trivialize
- https://github.com/dongAxis/to_be_a_v8_master
- https://github.com/ernestang98/win-exploits
- https://github.com/hktalent/bug-bounty
- https://github.com/joydo/CVE-Writeups
- https://github.com/maldev866/ChExp_CVE_2020_16040
- https://github.com/oneoy/exploits1
- https://github.com/r4j0x00/exploits
- https://github.com/ret2eax/exploits
- https://github.com/ret2eax/ret2eax
- https://github.com/singularseclab/Browser_Exploits
- https://github.com/tanjiti/sec_profile
- https://github.com/yuvaly0/exploits
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2020-16040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040)`
			`![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3C%2087.0.4280.88%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Insufficient%20data%20validation&color=brighgreen)`

			`### Description`

			`Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/162087/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html`
			`- http://packetstormsecurity.com/files/162106/Google-Chrome-86.0.4240-V8-Remote-Code-Execution.html`
			`- http://packetstormsecurity.com/files/162144/Google-Chrome-SimplfiedLowering-Integer-Overflow.html`

			`#### Github`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/SexyBeast233/SecBooks`
			`- https://github.com/Wi1L-Y/News`
			`- https://github.com/anvbis/chrome_v8_ndays`
			`- https://github.com/anvbis/trivialize`
			`- https://github.com/dongAxis/to_be_a_v8_master`
Update CVE sources 2024-06-07 17:53 2024-06-07 17:53:02 +00:00			`- https://github.com/ernestang98/win-exploits`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/hktalent/bug-bounty`
			`- https://github.com/joydo/CVE-Writeups`
			`- https://github.com/maldev866/ChExp_CVE_2020_16040`
			`- https://github.com/oneoy/exploits1`
			`- https://github.com/r4j0x00/exploits`
			`- https://github.com/ret2eax/exploits`
			`- https://github.com/ret2eax/ret2eax`
			`- https://github.com/singularseclab/Browser_Exploits`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/tanjiti/sec_profile`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/yuvaly0/exploits`