vulnerability

Debian: CVE-2016-5128: chromium-browser -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Jul 23, 2016	Aug 1, 2016	Mar 30, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Jul 23, 2016

Added

Aug 1, 2016

Modified

Mar 30, 2026

Description

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.

Solution

debian-upgrade-chromium-browser

References

CVE-2016-5128
https://attackerkb.com/topics/CVE-2016-5128
DEBIAN-DSA-3637
EUVD-EUVD-2016-6079
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-6079

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report