Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1658

Опубликовано: 18 апр. 2016
Источник: ubuntu
Приоритет: low
CVSS2: 4.3
CVSS3: 4.3

Описание

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.

РелизСтатусПримечание
devel

released

50.0.2661.102-0ubuntu1.1242
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [50.0.2661.102-0ubuntu0.14.04.1.1117]]
precise

ignored

trusty

released

50.0.2661.102-0ubuntu0.14.04.1.1117
trusty/esm

DNE

trusty was released [50.0.2661.102-0ubuntu0.14.04.1.1117]
upstream

released

50.0.2661.75
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

50.0.2661.102-0ubuntu0.15.10.1.1227
xenial

released

50.0.2661.102-0ubuntu0.16.04.1.1237

Показывать по

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
esm-infra/xenial

not-affected

precise

DNE

trusty

not-affected

trusty/esm

DNE

trusty was not-affected
upstream

not-affected

vivid/stable-phone-overlay

not-affected

vivid/ubuntu-core

DNE

wily

not-affected

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1658

redhat
почти 10 лет назад

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.

nvd логотип

CVE-2016-1658

CVSS3: 4.3
nvd
почти 10 лет назад

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.

debian логотип

CVE-2016-1658

CVSS3: 4.3
debian
почти 10 лет назад

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrec ...

github логотип

GHSA-jqq4-q4jg-35ch

CVSS3: 4.3
github
больше 3 лет назад

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.

fstec логотип

BDU:2016-01058

fstec
почти 10 лет назад

Уязвимость браузера Google Chrome, позволяющая нарушителю получить конфиденциальную информацию или обойти существующую политику ограничения доступа

4.3 Medium

CVSS2

4.3 Medium

CVSS3