CVE-2016-5165
Published 2016-09-11
Priority: P277 medium, 6.1 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
ITW · VulnCheck KEV
Exploited in the wild
EPSS: 1.25% (65.6th percentile)
Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux allows remote attackers to inject arbitrary web script or HTML via the settings parameter in a chrome-devtools-frontend.appspot.com URL's query string.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| google | chrome | <= 52.0.2743.116 | — |
| opensuse | leap | — | — |
Detection & IOCs
- Monitor for XSS payloads delivered via the `settings` query string parameter in requests to chrome-devtools-frontend.appspot.com URLs, which is the injection vector for this CVE.
- Flag use of Google Chrome versions prior to 53.0.2785.89 (Windows/OS X) or 53.0.2785.92 (Linux) as vulnerable to this DevTools XSS script injection.
- The vulnerability is specific to the DevTools (chrome-devtools-frontend.appspot.com) subsystem; exploitation requires the attacker to influence the `settings` parameter in the DevTools URL query string, limiting the attack surface to scenarios where an attacker can craft or redirect to a malicious DevTools URL.
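The two monitoring checks above, combined into one triage function over proxy-log records. This is an added example, not part of the original page; the URL path, the sample records, the verdict names and the angle-bracket heuristic are assumptions of this example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

DEVTOOLS_HOST = "chrome-devtools-frontend.appspot.com"
# First fixed builds, taken from the advisory text on this page.
FIXED = {"linux": (53, 0, 2785, 92), "win_osx": (53, 0, 2785, 89)}
MARKUP = re.compile(r"[<>]")  # assumption: angle brackets as a coarse markup signal


def chrome_is_vulnerable(user_agent):
    """True if the User-Agent reports a Chrome build older than the platform's fix."""
    m = re.search(r"Chrome/(\d+)\.(\d+)\.(\d+)\.(\d+)", user_agent)
    if not m:
        return False
    version = tuple(int(part) for part in m.groups())
    platform = "linux" if "Linux" in user_agent else "win_osx"
    return version < FIXED[platform]


def classify(url, user_agent):
    """Return 'ignore', 'review' or 'alert' for one proxy-log record."""
    parts = urlsplit(url)
    if (parts.hostname or "").lower() != DEVTOOLS_HOST:
        return "ignore"
    values = parse_qs(parts.query, keep_blank_values=True).get("settings")
    if values is None:
        return "ignore"
    # parse_qs decodes once; unquote again to catch double-encoded values.
    has_markup = any(MARKUP.search(unquote(v)) for v in values)
    if has_markup and chrome_is_vulnerable(user_agent):
        return "alert"
    return "review"


# Constructed sample records (URL, User-Agent); the path is a placeholder.
BASE = "https://" + DEVTOOLS_HOST + "/constructed/path"
UA_WIN_OLD = "Mozilla/5.0 (Windows NT 10.0) Chrome/52.0.2743.116 Safari/537.36"
UA_LINUX_FIXED = "Mozilla/5.0 (X11; Linux x86_64) Chrome/53.0.2785.92 Safari/537.36"
SAMPLES = [
    (BASE + "?settings=%7B%22k%22%3A%22%3Cb%3Ex%3C%2Fb%3E%22%7D", UA_WIN_OLD),
    (BASE + "?settings=%7B%22k%22%3A%22%3Cb%3Ex%3C%2Fb%3E%22%7D", UA_LINUX_FIXED),
    (BASE + "?settings=%7B%22k%22%3A%22v%22%7D", UA_WIN_OLD),
    ("https://example.org/?settings=%3Cb%3E", UA_WIN_OLD),
]

if __name__ == "__main__":
    for url, ua in SAMPLES:
        print(classify(url, ua), url)
```

Any `settings` parameter on the DevTools host is kept at `review` rather than dropped, since a User-Agent string can be absent or inaccurate in proxy logs.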
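CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| osv | — | 7.5 | HIGH | — |
| vulncheck | — | 6.1 | MEDIUM | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |
| vendor_redhat | — | 6.1 | MEDIUM | — |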
GHSA
ghsa_unreviewed·2022-05-14
CVE-2016-5165 [MEDIUM] CWE-79 GHSA-2rw9-q6xx-mmw5: Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53
OSV
oxide-qt vulnerabilities
osv·2016-09-14·CVSS 7.5
CVE-2016-5141 [HIGH] oxide-qt vulnerabilities
An issue was discovered in Blink involving the provisional URL for an
initially empty document. An attacker could potentially exploit this to
spoof the currently displayed URL. (CVE-2016-5141)
A use-after-free was discovered in the WebCrypto implementation in Blink.
If a user were tricked into opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code. (CVE-2016-5142)
It was discovered that the devtools subsystem in Blink mishandles various
parameters. An attacker could exploit this to bypass intended access
restrictions. (CVE-2016-5143, CVE-2016-5144)
It was discovered that Blink does not ensure that a taint property is
preserved after a structure-clone operatio
OSV
CVE-2016-5165: Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53
osv·2016-09-02·CVSS 6.1
CVE-2016-5165 [MEDIUM] CVE-2016-5165: Cross-site scripting (XSS) vulnerability in the Developer Tools (aka DevTools) subsystem in Google Chrome before 53
VulnCheck
Google Chrome Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck·2016·CVSS 6.1
CVE-2016-5165 [MEDIUM] Google Chrome Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected: Google Chrome
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dl.acm.org/doi/pdf/10.1145/3465481.3465758
Ubuntu
Oxide vulnerabilities
vendor_ubuntu·2016-09-14·CVSS 7.5
CVE-2016-5141 [HIGH] Oxide vulnerabilities
Title: Oxide vulnerabilities
Summary: Several security issues were fixed in Oxide.
Red Hat
chromium-browser: script injection in devtools
vendor_redhat·2016-08-31·CVSS 6.1
CVE-2016-5165 [MEDIUM] chromium-browser: script injection in devtools
No detection rules found.
No public exploits indexed.
Bugzilla
chromium: various flaws [fedora-all]
bugzilla·2016-09-01·CVSS 6.1
[MEDIUM] chromium: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has b
Bugzilla
CVE-2016-5165 chromium-browser: script injection in devtools
bugzilla·2016-09-01·CVSS 6.1
CVE-2016-5165 [MEDIUM] CVE-2016-5165 chromium-browser: script injection in devtools
A script injection flaw was found in the DevTools component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=618037
External References:
https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
Discussion:
Created chromium tracking bugs for this issue:
Affects: fedora-all [bug 1372232]
---
chromium-53.0.2785.101-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2016:1854 https://rhn.redhat.com/errata/RHSA-2016-1854.html
---
chromium-53.0.2785.101-1.
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html
- http://rhn.redhat.com/errata/RHSA-2016-1854.html
- http://www.debian.org/security/2016/dsa-3660
- http://www.securityfocus.com/bid/92717
- http://www.securitytracker.com/id/1036729
- https://codereview.chromium.org/2177983004
- https://crbug.com/618037
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
- https://security.gentoo.org/glsa/201610-09