CVE-2016-1667 (retired)

Priority
Description
The TreeScope::adoptIfNeeded function in
WebKit/Source/core/dom/TreeScope.cpp in the DOM implementation in Blink, as
used in Google Chrome before 50.0.2661.102, does not prevent script
execution during node-adoption operations, which allows remote attackers to
bypass the Same Origin Policy via a crafted web site.
Package
Upstream:released (50.0.2661.102)
Ubuntu 14.04 LTS (Trusty Tahr):released (50.0.2661.102-0ubuntu0.14.04.1.1117)
Ubuntu 16.04 LTS (Xenial Xerus):released (50.0.2661.102-0ubuntu0.16.04.1.1237)
Package
Upstream:released (1.14.9)
Ubuntu 14.04 LTS (Trusty Tahr):released (1.14.9-0ubuntu0.14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.14.9-0ubuntu0.16.04.1)
More Information

Updated: 2019-03-26 12:18:55 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)