cnvd - cnvd-2016-01233

cnvd-2016-01233

Vulnerability from cnvd

Title

Google Chrome Extensions子系统同源策略绕过漏洞

Description

Google Chrome是一款流行的Web浏览器。 Google Chrome的Extensions子系统未能限制使用Object.defineProperty方法重写built-in扩展代码，远程攻击者可利用特制的JavaScript代码利用该漏洞绕过同源策略。

Severity

中

Patch Name

Google Chrome Extensions子系统同源策略绕过漏洞的补丁

Patch Description

Google Chrome是一款流行的Web浏览器。 Google Chrome的Extensions子系统未能限制使用Object.defineProperty方法重写built-in扩展代码，远程攻击者可利用特制的JavaScript代码利用该漏洞绕过同源策略。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html

Reference

http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html

Impacted products

Name
Google Chrome < 48.0.2564.109

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1622"
    }
  },
  "description": "Google Chrome\u662f\u4e00\u6b3e\u6d41\u884c\u7684Web\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome\u7684Extensions\u5b50\u7cfb\u7edf\u672a\u80fd\u9650\u5236\u4f7f\u7528Object.defineProperty\u65b9\u6cd5\u91cd\u5199built-in\u6269\u5c55\u4ee3\u7801\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u7279\u5236\u7684JavaScript\u4ee3\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u540c\u6e90\u7b56\u7565\u3002",
  "discovererName": "Google",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-01233",
  "openTime": "2016-02-24",
  "patchDescription": "Google Chrome\u662f\u4e00\u6b3e\u6d41\u884c\u7684Web\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome\u7684Extensions\u5b50\u7cfb\u7edf\u672a\u80fd\u9650\u5236\u4f7f\u7528Object.defineProperty\u65b9\u6cd5\u91cd\u5199built-in\u6269\u5c55\u4ee3\u7801\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u7279\u5236\u7684JavaScript\u4ee3\u7801\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u540c\u6e90\u7b56\u7565\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome Extensions\u5b50\u7cfb\u7edf\u540c\u6e90\u7b56\u7565\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Google Chrome \u003c 48.0.2564.109"
  },
  "referenceLink": "http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html",
  "serverity": "\u4e2d",
  "submitTime": "2016-02-23",
  "title": "Google Chrome Extensions\u5b50\u7cfb\u7edf\u540c\u6e90\u7b56\u7565\u7ed5\u8fc7\u6f0f\u6d1e"
}

CVE-2016-1622 (GCVE-0-2016-1622)

Vulnerability from cvelistv5

Published

2016-02-14 02:00

Modified

2024-08-05 23:02

Severity ?

CWE

Summary

The Extensions subsystem in Google Chrome before 48.0.2564.109 does not prevent use of the Object.defineProperty method to override intended extension behavior, which allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code.

References

URL

Tags

	http://www.securityfocus.com/bid/83125	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id/1035183	vdb-entry, x_refsource_SECTRACK
	https://code.google.com/p/chromium/issues/detail?id=546677	x_refsource_CONFIRM
	http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201603-09	vendor-advisory, x_refsource_GENTOO
	http://lists.opensuse.org/opensuse-updates/2016-02/msg00104.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2016-02/msg00119.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3486	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2016-0241.html	vendor-advisory, x_refsource_REDHAT
	https://codereview.chromium.org/1417513003	x_refsource_CONFIRM