9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
94.9%
Google Chrome Releases reports:
48 security fixes in this release, including:
[610600] High CVE-2016-1706: Sandbox escape in PPAPI. Credit to
Pinkie Pie xisigr of Tencentβs Xuanwu Lab
[613949] High CVE-2016-1708: Use-after-free in Extensions.
Credit to Adam Varsan
[614934] High CVE-2016-1709: Heap-buffer-overflow in sfntly.
Credit to ChenQin of Topsec Security Team
[616907] High CVE-2016-1710: Same-origin bypass in Blink.
Credit to Mariusz Mlynski
[617495] High CVE-2016-1711: Same-origin bypass in Blink.
Credit to Mariusz Mlynski
[618237] High CVE-2016-5127: Use-after-free in Blink. Credit
to cloudfuzzer
[619166] High CVE-2016-5128: Same-origin bypass in V8. Credit
to Anonymous
[620553] High CVE-2016-5129: Memory corruption in V8. Credit to
Jeonghoon Shin
[623319] High CVE-2016-5130: URL spoofing. Credit to Wadih
Matar
[623378] High CVE-2016-5131: Use-after-free in libxml. Credit
to Nick Wellnhofer
[607543] Medium CVE-2016-5132: Limited same-origin bypass in
Service Workers. Credit to Ben Kelly
[613626] Medium CVE-2016-5133: Origin confusion in proxy
authentication. Credit to Patch Eudor
[593759] Medium CVE-2016-5134: URL leakage via PAC script.
Credit to Paul Stone
[605451] Medium CVE-2016-5135: Content-Security-Policy bypass.
Credit to kingxwy
[625393] Medium CVE-2016-5136: Use after free in extensions.
Credit to Rob Wu
[625945] Medium CVE-2016-5137: History sniffing with HSTS and
CSP. Credit to Xiaoyin Liu
[629852] CVE-2016-1705: Various fixes from internal audits,
fuzzing and other initiatives.
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
94.9%