CVE-2016-1697

Description

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 51.0.2704.79, does not prevent frame navigations during DocumentLoader detach operations, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
• http://www.debian.org/security/2016/dsa-3594
• http://www.securitytracker.com/id/1036026
• http://www.ubuntu.com/usn/USN-2992-1
• https://access.redhat.com/errata/RHSA-2016:1201
• https://codereview.chromium.org/2021373003
• https://crbug.com/613266
• http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
• http://www.debian.org/security/2016/dsa-3594
• http://www.securitytracker.com/id/1036026
• http://www.ubuntu.com/usn/USN-2992-1
• https://access.redhat.com/errata/RHSA-2016:1201
• https://codereview.chromium.org/2021373003
• https://crbug.com/613266

CWEs

CWE-284