Описание
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 43.0.2357.81-0ubuntu1.1179 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089]] |
| precise | ignored | |
| trusty | released | 43.0.2357.81-0ubuntu0.14.04.1.1089 |
| trusty/esm | DNE | trusty was released [43.0.2357.81-0ubuntu0.14.04.1.1089] |
| upstream | released | 43.0.2357.65 |
| utopic | released | 43.0.2357.81-0ubuntu0.14.10.1.1131 |
| vivid | released | 43.0.2357.81-0ubuntu0.15.04.1.1170 |
| wily | released | 43.0.2357.81-0ubuntu1.1179 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.7.8-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.7.8-0ubuntu0.14.04.1]] |
| precise | DNE | |
| trusty | released | 1.7.8-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.7.8-0ubuntu0.14.04.1] |
| upstream | released | 1.7.8 |
| utopic | released | 1.7.8-0ubuntu0.14.10.1 |
| vivid | released | 1.7.8-0ubuntu0.15.04.1 |
| wily | released | 1.7.8-0ubuntu1 |
Показывать по
Ссылки на источники
5 Medium
CVSS2
Связанные уязвимости
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2 ...
core/dom/Document.cpp in Blink, as used in Google Chrome before 43.0.2357.65, enables the inheritance of the designMode attribute, which allows remote attackers to bypass the Same Origin Policy by leveraging the availability of editing.
Уязвимость браузера Google Chrome, позволяющая нарушителю обойти правила разграничения доступа
5 Medium
CVSS2