Forum Thread:

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
All Threads

This user no longer exists
Member 1st Jan, 1970 01:00
Ranking: 0
Posts: 0
User Since: 1st Jan, 1970
System Score: N/A
Location: N/A
Last edited on 1st Jan, 1970 01:00


MikeyD RE: Node.js V8 "Zone::New()" Vulnerability
Member 8th Sep, 2016 23:21
Score: 4
Posts: 5
User Since: 20th Dec 2007
System Score: N/A
Location: N/A
On my system this vulnerability is showing up in two files provided by Nvidia, as identified below, and the solution offered in the PSI does NOT solve the vulnerability. I think the that NVIDIA will have to update their software, because I fail to see where at the Node.js web site there is any link to update the "NVIDIA Web Helper .exe" file.

C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\nodejs\NVIDIA Web Helper.exe, version 4.4.3.0
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe, version 4.4.3.0

Secunia maybe you should let NVIDIA know they have a problem?
Was this reply relevant?
+4
-0
Maurice Joyce RE: Node.js V8 "Zone::New()" Vulnerability
Handling Contributor 14th Sep, 2016 09:06
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
A CVE has been created so Nvidia will know about it - all indications point to the fact that it was affecting Google Chrome therefore it could be a false positive in all other cases. When this Forum was support by the vendors staff they would have investigated and adjusted the database if necessary.

Sadly those days are long gone - If you want reassurance that you are not affected you should contact Nvidia Support giving them details of the Flexera PSI findings.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
WarningU2 RE: Node.js V8 "Zone::New()" Vulnerability
Member 25th Sep, 2016 15:43
Score: 23
Posts: 36
User Since: 26th Nov 2008
System Score: N/A
Location: CA
Last edited on 25th Sep, 2016 15:48
The actual version is now 4.5.0 not 4.4.6 as recommended. For some reason although I have the latest version Secunia keeps saying its not updated.

I scan again and then it says its fine.

Something buggy about this particular program and Secunia.
Was this reply relevant?
+0
-0