Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2016-1643
Deferred
More InfoOfficial Page
Source-chrome-cve-admin@google.com
View Known Exploited Vulnerability (KEV) details
Published At-13 Mar, 2016 | 22:59
Updated At-12 Apr, 2025 | 10:46

The ImageInputType::ensurePrimaryContent function in WebKit/Source/core/html/forms/ImageInputType.cpp in Blink, as used in Google Chrome before 49.0.2623.87, does not properly maintain the user agent shadow DOM, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Google LLC
google
>>chrome>>Versions up to 49.0.2623.75(inclusive)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-361Primarynvd@nist.gov
CWE ID: CWE-361
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.htmlchrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.htmlchrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.htmlchrome-cve-admin@google.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.htmlchrome-cve-admin@google.com
N/A
http://www.debian.org/security/2016/dsa-3513chrome-cve-admin@google.com
N/A
http://www.securityfocus.com/bid/84224chrome-cve-admin@google.com
N/A
http://www.securitytracker.com/id/1035259chrome-cve-admin@google.com
N/A
http://www.ubuntu.com/usn/USN-2920-1chrome-cve-admin@google.com
N/A
https://code.google.com/p/chromium/issues/detail?id=589838chrome-cve-admin@google.com
N/A
https://codereview.chromium.org/1732753004chrome-cve-admin@google.com
N/A
http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2016/dsa-3513af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/84224af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1035259af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2920-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://code.google.com/p/chromium/issues/detail?id=589838af854a3a-2127-422b-91ae-364da2661108
N/A
https://codereview.chromium.org/1732753004af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3513
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/84224
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1035259
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2920-1
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=589838
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: https://codereview.chromium.org/1732753004
Source: chrome-cve-admin@google.com
Resource: N/A
Hyperlink: http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2016/dsa-3513
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/84224
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1035259
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2920-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=589838
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://codereview.chromium.org/1732753004
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found