CVE-2016-1623

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp, HTMLFrameOwnerElement.h, LocalFrame.cpp, and WebLocalFrameImpl.cpp.

References

http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00104.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00119.html

http://rhn.redhat.com/errata/RHSA-2016-0241.html

http://www.debian.org/security/2016/dsa-3486

http://www.securityfocus.com/bid/83125

http://www.securitytracker.com/id/1035183

http://www.ubuntu.com/usn/USN-2895-1

https://code.google.com/p/chromium/issues/detail?id=577105

https://codereview.chromium.org/1659013003

https://security.gentoo.org/glsa/201603-09

Details

Source: MITRE

Published: 2016-02-14

Updated: 2018-10-30

Type: CWE-264

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.8

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* versions up to 48.0.2564.103 (inclusive)

Configuration 3

OR

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
89902GLSA-201603-09 : Chromium: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
88879openSUSE Security Update : Chromium (openSUSE-2016-238)NessusSuSE Local Security Checks
high
88869Debian DSA-3486-1 : chromium-browser - security updateNessusDebian Local Security Checks
critical
9083Google Chrome < 48.0.2564.109 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
88861Ubuntu 14.04 LTS / 15.10 : oxide-qt vulnerabilities (USN-2895-1)NessusUbuntu Local Security Checks
high
88826openSUSE Security Update : Chromium (openSUSE-2016-221)NessusSuSE Local Security Checks
high
88794RHEL 6 : chromium-browser (RHSA-2016:0241)NessusRed Hat Local Security Checks
high
88682Google Chrome < 48.0.2564.109 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
high
88681Google Chrome < 48.0.2564.109 Multiple VulnerabilitiesNessusWindows
high
88667FreeBSD : chromium -- multiple vulnerabilities (36034227-cf81-11e5-9c2b-00262d5ed8ee)NessusFreeBSD Local Security Checks
high