Lucene search

K

ChromeCVELIST:CVE-2016-1632

HistoryMar 06, 2016 - 2:00 a.m.

CVE-2016-1632

2016-03-0602:00:00

Chrome

www.cve.org

6

AI Score

8.9

Confidence

High

EPSS

0.011

Percentile

84.2%

The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h.

References

googlechromereleases.blogspot.com/2016/03/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html

lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html

www.debian.org/security/2016/dsa-3507

www.securityfocus.com/bid/84008

www.securitytracker.com/id/1035185

code.google.com/p/chromium/issues/detail?id=549986

codereview.chromium.org/1433293004

security.gentoo.org/glsa/201603-09

AI Score

8.9

Confidence

High

EPSS

0.011

Percentile

84.2%

Related for CVELIST:CVE-2016-1632

prion1 debiancve1 cve1 ubuntucve1 nvd1 freebsd1 redhat1 nessus12 chrome1 suse4 openvas10 archlinux1 debian2 osv1 kaspersky1 mageia1 gentoo1