CVE-2016-1711 in Chromeinfo

Summary

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

01/12/2016

Disclosure

07/23/2016

Moderation

VulDB entry created

Entries

1: VDB-90234

CPE

ready

CWE

CWE-285 (Confirmed)

CVSS

8.8

EPSS

0.01777

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-1711
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-1711
CVE Details	https://www.cvedetails.com/cve/CVE-2016-1711/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!