CVE-2016-1667Improper Access Control in Google Chrome

CWE-284Improper Access Control7 documents6 sources
Severity
8.8HIGHNVD
EPSS
0.6%
top 29.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Google ChromeDebian LinuxOpensuse
Timeline
PublishedMay 14
Latest updateMay 14

Description

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as used in Google Chrome before 50.0.2661.102, does not prevent script execution during node-adoption operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDgoogle/chrome50.0.2661.87

Also affects: Debian Linux 8.0

🔴Vulnerability Details

3
GHSA
GHSA-q74m-chqj-h6wx: The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope2022-05-14
OSV
oxide-qt vulnerabilities2016-05-18
OSV
CVE-2016-1667: The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope2016-05-13

📋Vendor Advisories

2
Ubuntu
Oxide vulnerabilities2016-05-18
Red Hat
chromium-browser: same origin bypass in dom2016-05-11

💬Community

1
Bugzilla
CVE-2016-1667 chromium-browser: same origin bypass in dom2016-05-12