Уязвимость CVE-2016-1710

CVE-2016-1710

CVSS3: 8.8

ubuntu

больше 9 лет назад

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVE-2016-1710

CVSS3: 8.8

nvd

больше 9 лет назад

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVE-2016-1710

CVSS3: 8.8

debian

больше 9 лет назад

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeC ...

GHSA-5c9c-9732-p6mg

CVSS3: 8.8

github

больше 3 лет назад

The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not prevent window creation by a deferred frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

BDU:2016-02047

fstec

больше 9 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю обойти существующую политику ограничения доступа

exploitDog

CVE-2016-1710

Описание

Ссылки на источники

Дополнительная информация

Связанные уязвимости