Lucene search

K
ubuntucveUbuntu.comUB:CVE-2016-1711
HistoryJul 23, 2016 - 12:00 a.m.

CVE-2016-1711

2016-07-2300:00:00
ubuntu.com
ubuntu.com
5

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%

WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google
Chrome before 52.0.2743.82, does not disable frame navigation during a
detach operation on a DocumentLoader object, which allows remote attackers
to bypass the Same Origin Policy via a crafted web site.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchchromium-browser< 52.0.2743.116-0ubuntu0.14.04.1.1134UNKNOWN
ubuntu16.04noarchchromium-browser< 52.0.2743.116-0ubuntu0.16.04.1.1250UNKNOWN
ubuntu16.10noarchchromium-browser< 53.0.2785.143-0ubuntu1.1307UNKNOWN
ubuntu14.04noarchoxide-qt< 1.16.5-0ubuntu0.14.04.1UNKNOWN
ubuntu16.04noarchoxide-qt< 1.16.5-0ubuntu0.16.04.1UNKNOWN
ubuntu16.10noarchoxide-qt< 1.16.7-0ubuntu1UNKNOWN

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.7%