Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-1697

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://codereview.chr...
CONFIRM: https://crbug.com/613266
DEBIAN: DSA-3594
REDHAT: RHSA-2016:1201
SUSE: SUSE-SU-2016:1490
SUSE: openSUSE-SU-2016:1489
SUSE: openSUSE-SU-2016:1496
UBUNTU: USN-2992-1
SECTRACK: 1036026

Launchpad.net

CVE 2016-1697

Related bugs

References