Google Chrome Security Restriction Bypass Vulnerability (CVE-2016-1638)
Google Chrome Security Restriction Bypass Vulnerability (CVE-2016-1638)
Release date:
Updated on:
Affected Systems:
Google Chrome <= 49.0.2623.75
Description:
CVE (CAN) ID: CVE-2016-1638
Google Chrome is a Web browser tool developed by Google.
In Extensions subsystems earlier than Google Chrome 49.0.2623.75, extensions/renderer/resources/platform_app.js does not properly restrict the use of Web APIs. There are multiple vulnerabilities that allow remote attackers to bypass target access restrictions.
<* Source: Google
*>
Suggestion:
Vendor patch:
Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
This article permanently updates the link address: