Lucene search

[email protected]CVE-2016-5135

HistoryJul 23, 2016 - 7:59 p.m.

CVE-2016-5135

2016-07-2319:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cve

2016

5135

webkit

blink

google chrome

content security policy

csp

referrer-policy

html preload scanner

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON

WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a “Content-Security-Policy: referrer origin-when-cross-origin” header that overrides a “<META name=‘referrer’ content=‘no-referrer’>” element.

CPENameOperatorVersion
google:chromegoogle chromele51.0.2704.106

CPE	Name	Operator	Version
google:chrome	google chrome	le	51.0.2704.106

References

googlechromereleases.blogspot.com/2016/07/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html

lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html

rhn.redhat.com/errata/RHSA-2016-1485.html

www.debian.org/security/2016/dsa-3637

www.securityfocus.com/bid/92053

www.securitytracker.com/id/1036428

www.ubuntu.com/usn/USN-3041-1

codereview.chromium.org/1913983002

crbug.com/605451

security.gentoo.org/glsa/201610-09

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.0%

JSON

Related for CVE-2016-5135

debiancve1 prion1 redhatcve1 ubuntucve1 openvas9 nessus11 ubuntu1 freebsd1 redhat1 archlinux1 threatpost1 suse4 chrome1 mageia1 kaspersky1 debian2 osv1 gentoo1