CVE-2016-5173 : The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, wh

The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access to Object.prototype, which allows remote attackers to load unintended resources, and consequently trigger unintended JavaScript function calls and bypass the Same Origin Policy via an indirect interception attack.

Published 2016-09-25 20:59:06

Updated 2018-01-05 02:30:57

Source Google Inc.

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Exploit prediction scoring system (EPSS) score for CVE-2016-5173

Probability of exploitation activity in the next 30 days: 0.63%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-5173

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.1	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L	2.8	3.7	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: Low

CWE ids for CVE-2016-5173

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-5173

https://crbug.com/468931

468931 - Security: Webpages have access to some extension resources - chromium - Monorail
Issue Tracking;Patch
http://www.debian.org/security/2016/dsa-3667

Debian -- Security Information -- DSA-3667-1 chromium-browser

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1905.html

RHSA-2016:1905 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html

Chrome Releases: Stable Channel Update for Desktop
Vendor Advisory

CVEs referencing this url
https://crbug.com/497507

497507 - Security: Cross-origin scripting possible via native functions - chromium - Monorail
Issue Tracking;Patch
http://www.securitytracker.com/id/1036826

Google Chrome Multiple Flaws Lets Remote Users Obtain Potentially Sensitive Information and Execute Arbitrary Code - SecurityTracker

CVEs referencing this url
https://security.gentoo.org/glsa/201610-09

Chromium: Multiple vulnerabilities (GLSA 201610-09) — Gentoo security

CVEs referencing this url
http://www.securityfocus.com/bid/92942

Google Chrome Prior to 53.0.2785.113 Multiple Security Vulnerabilities

CVEs referencing this url
https://codereview.chromium.org/1840453002

Issue 1840453002: [Extensions] More bindings hardening - Code Review
Issue Tracking;Patch
https://crbug.com/471523

471523 - Security: Heap-use-after-free in extensions::`anonymous namespace'::LoadWatcher::DidCreateDocumentElement+68 - chromium - Monorail
Issue Tracking;Patch

Products affected by CVE-2016-5173

Google » Chrome
Versions up to, including, (<=) 53.0.2785.101
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-5173

Exploit prediction scoring system (EPSS) score for CVE-2016-5173

CVSS scores for CVE-2016-5173

CWE ids for CVE-2016-5173

References for CVE-2016-5173

Products affected by CVE-2016-5173