CVE-2016-1697
Published: 6 June 2016
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.
Priority
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
precise |
Ignored
|
trusty |
Released
(51.0.2704.79-0ubuntu0.14.04.1.1121)
|
|
upstream |
Released
(51.0.2704.79)
|
|
wily |
Ignored
(end of life)
|
|
xenial |
Released
(51.0.2704.79-0ubuntu0.16.04.1.1242)
|
|
oxide-qt Launchpad, Ubuntu, Debian |
precise |
Does not exist
|
trusty |
Released
(1.15.7-0ubuntu0.14.04.1)
|
|
upstream |
Released
(1.15.7)
|
|
wily |
Released
(1.15.7-0ubuntu0.15.10.1)
|
|
xenial |
Released
(1.15.7-0ubuntu0.16.04.1)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |