Google Chrome < 48.0.2564.116 Blink Same-Origin Policy Bypass (Mac OS X)

High Nessus Plugin ID 88957


The remote Mac OS X host contains a web browser that is affected by a security bypass vulnerability.


The version of Google Chrome installed on the remote Mac OS X host is prior to 48.0.2564.116. It is, therefore, affected by an unspecified flaw related to the Blink rendering engine. An attacker can exploit this to bypass same-origin policy restrictions and escape the sandbox, allowing the attacker to execute arbitrary code with elevated privileges.


Upgrade to Google Chrome version 48.0.2564.116 or later.

See Also

Plugin Details

Severity: High

ID: 88957

File Name: macosx_google_chrome_48_0_2564_116.nasl

Version: $Revision: 1.5 $

Type: local

Agent: macosx

Published: 2016/02/25

Modified: 2016/04/28

Dependencies: 70890

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:google:chrome

Required KB Items: MacOSX/Google Chrome/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/02/18

Vulnerability Publication Date: 2016/02/18

Reference Information

CVE: CVE-2016-1629

OSVDB: 134721