vulnerability
Ubuntu: USN-2895-1 (CVE-2016-1623): Oxide vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Feb 13, 2016 | Feb 18, 2016 | Apr 14, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Feb 13, 2016
Added
Feb 18, 2016
Modified
Apr 14, 2025
Description
The DOM implementation in Chromium did not properly restrict frame-attach
operations from occurring during or after frame-detach operations. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to bypass same-origin restrictions.
(CVE-2016-1623)
An integer underflow was discovered in Brotli. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to cause a denial of service via application crash, or
execute arbitrary code with the privileges of the user invoking the
program. (CVE-2016-1624)
Solution
ubuntu-upgrade-liboxideqtcore0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.