CVE-2016-1632 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-1632 Interim 1 14 2023-12-09T01:21:02Z current 2021-05-30T13:38:10Z 2023-12-09T01:21:02Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-1632 The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2016-March/001913.html E-Mail link for SUSE-SU-2016:0665-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D3C3NOJM72UXURYDWTEMDOPUCNQC7J6A/#D3C3NOJM72UXURYDWTEMDOPUCNQC7J6A E-Mail link for openSUSE-SU-2016:0664-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DDITRUQS4SRIKAXVWYM3UEYWRLUUYM7Z/#DDITRUQS4SRIKAXVWYM3UEYWRLUUYM7Z E-Mail link for openSUSE-SU-2016:0684-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3OPH54WIXHYBZND4XGIJC36WO62H6YQD/#3OPH54WIXHYBZND4XGIJC36WO62H6YQD E-Mail link for openSUSE-SU-2016:0729-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed chromedriver-55.0.2883.75-3.1 chromium-101.0.4951.64-bp154.1.2 chromium-55.0.2883.75-3.1 chromium-66.0.3359.170-lp150.1.1 chromium-83.0.4103.97-lp152.1.1 chromium-90.0.4430.212-bp153.1.1 ungoogled-chromium-113.0.5672.92-1.1 ungoogled-chromium-chromedriver-113.0.5672.92-1.1 chromium-66.0.3359.170-lp150.1.1 as a component of openSUSE Leap 15.0 chromium-83.0.4103.97-lp152.1.1 as a component of openSUSE Leap 15.2 chromium-90.0.4430.212-bp153.1.1 as a component of openSUSE Leap 15.3 chromium-101.0.4951.64-bp154.1.2 as a component of openSUSE Leap 15.4 chromedriver-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed chromium-55.0.2883.75-3.1 as a component of openSUSE Tumbleweed ungoogled-chromium-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed ungoogled-chromium-chromedriver-113.0.5672.92-1.1 as a component of openSUSE Tumbleweed The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h. CVE-2016-1632 openSUSE Leap 15.0:chromium-66.0.3359.170-lp150.1.1 openSUSE Leap 15.2:chromium-83.0.4103.97-lp152.1.1 openSUSE Leap 15.3:chromium-90.0.4430.212-bp153.1.1 openSUSE Leap 15.4:chromium-101.0.4951.64-bp154.1.2 openSUSE Tumbleweed:chromedriver-55.0.2883.75-3.1 openSUSE Tumbleweed:chromium-55.0.2883.75-3.1 openSUSE Tumbleweed:ungoogled-chromium-113.0.5672.92-1.1 openSUSE Tumbleweed:ungoogled-chromium-chromedriver-113.0.5672.92-1.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H