Showing 1 - 3 of 3

CVE-2016-1697

Status Candidate

Overview

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

Related Files

Ubuntu Security Notice USN-2992-1: Posted Jun 6, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2992-1 - An unspecified security issue was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. An issue was discovered with Document reattachment in Blink in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. Various other issues were also addressed.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2016-1673, CVE-2016-1675, CVE-2016-1677, CVE-2016-1678, CVE-2016-1679, CVE-2016-1680, CVE-2016-1682, CVE-2016-1683, CVE-2016-1684, CVE-2016-1688, CVE-2016-1689, CVE-2016-1691, CVE-2016-1692, CVE-2016-1695, CVE-2016-1697, CVE-2016-1699, CVE-2016-1702, CVE-2016-1703; SHA-256 | 1357f03519a820f4729bb06366c1e6aacefe39b5e41651f5222b8210ac039daf; Download | Favorite | View

Debian Security Advisory 3594-1: Posted Jun 6, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3594-1 - Several vulnerabilities have been discovered in the chromium web browser.; tags | advisory, web, vulnerability; systems | linux, debian; advisories | CVE-2016-1696, CVE-2016-1697, CVE-2016-1698, CVE-2016-1699, CVE-2016-1700, CVE-2016-1701, CVE-2016-1702; SHA-256 | 3f3a128b8c5c70171b4ff208bb419127d87e33d7b3ea2c9ad35036958675519f; Download | Favorite | View

Red Hat Security Advisory 2016-1201-01: Posted Jun 2, 2016; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2016-1201-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 51.0.2704.79. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.; tags | advisory, web, arbitrary; systems | linux, redhat; advisories | CVE-2016-1696, CVE-2016-1697, CVE-2016-1698, CVE-2016-1699, CVE-2016-1700, CVE-2016-1701, CVE-2016-1702, CVE-2016-1703; SHA-256 | 78159a6f0bf85dce99470832c2d8b9478ff09799fd17a3ba47b49663cfd97e2f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2016-1697

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems