Lucene search

K
ubuntucveUbuntu.comUB:CVE-2016-1652
HistoryApr 18, 2016 - 12:00 a.m.

CVE-2016-1652

2016-04-1800:00:00
ubuntu.com
ubuntu.com
8

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.4%

Cross-site scripting (XSS) vulnerability in the
ModuleSystem::RequireForJsInner function in
extensions/renderer/module_system.cc in the Extensions subsystem in Google
Chrome before 50.0.2661.75 allows remote attackers to inject arbitrary web
script or HTML via a crafted web site, aka “Universal XSS (UXSS).”

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchchromium-browser< 50.0.2661.102-0ubuntu0.14.04.1.1117UNKNOWN
ubuntu15.10noarchchromium-browser< 50.0.2661.102-0ubuntu0.15.10.1.1227UNKNOWN
ubuntu16.04noarchchromium-browser< 50.0.2661.102-0ubuntu0.16.04.1.1237UNKNOWN

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.4%