NVD

Id
18026  
Name
CVE-2016-1676  
Description
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0.2704.63 does not properly use prototypes, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2016-06-05  
Modified Date
2016-11-28  
Seq
2016-1676  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
99042 18026 CVE-2016-1676 http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html  View
99043 18026 CVE-2016-1676 openSUSE-SU-2016:1430  View
99044 18026 CVE-2016-1676 openSUSE-SU-2016:1433  View
99045 18026 CVE-2016-1676 openSUSE-SU-2016:1496  View
99046 18026 CVE-2016-1676 DSA-3590  View
99047 18026 CVE-2016-1676 90876  View
99048 18026 CVE-2016-1676 1035981  View
99049 18026 CVE-2016-1676 RHSA-2016:1190  View
99050 18026 CVE-2016-1676 https://codereview.chromium.org/1903273003  View
99051 18026 CVE-2016-1676 https://crbug.com/604901  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
2225 JVNDB-2016-002998 Google Chrome の拡張サブシステムの extensions/renderer/resources/binding.js における同一生成元ポリシーを回避される脆弱性 Google Chrome の拡張サブシステムの extensions/renderer/resources/binding.js は、プロトタイプを適切に使用しないため、同一生成元ポリシーを回避される脆弱性が存在します。 CVE-2016-1676 88182 CVE-2016-1676 18026 6.8 8.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-002998.html 2016-05-25 2016-08-31 View