WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not disable frame navigation during a detach operation on a DocumentLoader object, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html | vendor-advisory x_refsource_SUSE |
| https://codereview.chromium.org/2079473002 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html | vendor-advisory x_refsource_SUSE |
| http://www.securityfocus.com/bid/92053 | vdb-entry x_refsource_BID |
| http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-3041-1 | vendor-advisory x_refsource_UBUNTU |
| http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html | vendor-advisory x_refsource_SUSE |
| https://crbug.com/617495 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html | vendor-advisory x_refsource_SUSE |
| http://rhn.redhat.com/errata/RHSA-2016-1485.html | vendor-advisory x_refsource_REDHAT |
| http://www.securitytracker.com/id/1036428 | vdb-entry x_refsource_SECTRACK |
| http://www.debian.org/security/2016/dsa-3637 | vendor-advisory x_refsource_DEBIAN |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|