CVE-2016-1711

Priority
Description
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google
Chrome before 52.0.2743.82, does not disable frame navigation during a
detach operation on a DocumentLoader object, which allows remote attackers
to bypass the Same Origin Policy via a crafted web site.
Notes
Package
Upstream:released (52.0.2743.82)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [52.0.2743.116-0ubuntu0.14.04.1.1134])
Ubuntu 16.04 LTS (Xenial Xerus):released (52.0.2743.116-0ubuntu0.16.04.1.1250)
Package
Upstream:released (1.16.5)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1.16.5-0ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):released (1.16.5-0ubuntu0.16.04.1)
More Information

Updated: 2020-01-29 19:54:34 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)