Vulnerability-Lookup

CVE-2016-1670 (GCVE-0-2016-1670)

Vulnerability from cvelistv5 – Published: 2016-05-14 21:00 – Updated: 2024-08-05 23:02

Summary

Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.

Severity ?

No CVSS data available.

CWE

Assigner

Chrome

References

URL

Tags

	http://www.securityfocus.com/bid/90584	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1035872	vdb-entryx_refsource_SECTRACK
	http://rhn.redhat.com/errata/RHSA-2016-1080.html	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3590	vendor-advisoryx_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2960-1	vendor-advisoryx_refsource_UBUNTU
	https://crbug.com/578882	x_refsource_CONFIRM
	http://googlechromereleases.blogspot.com/2016/05/…	x_refsource_CONFIRM
	https://codereview.chromium.org/1608573002	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://security.gentoo.org/glsa/201605-02	vendor-advisoryx_refsource_GENTOO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:02:12.981Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "90584",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/90584"
          },
          {
            "name": "1035872",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035872"
          },
          {
            "name": "RHSA-2016:1080",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
          },
          {
            "name": "openSUSE-SU-2016:1304",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
          },
          {
            "name": "openSUSE-SU-2016:1655",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
          },
          {
            "name": "DSA-3590",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3590"
          },
          {
            "name": "USN-2960-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2960-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://crbug.com/578882"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://codereview.chromium.org/1608573002"
          },
          {
            "name": "openSUSE-SU-2016:1319",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
          },
          {
            "name": "GLSA-201605-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201605-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-29T16:57:01.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "90584",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/90584"
        },
        {
          "name": "1035872",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035872"
        },
        {
          "name": "RHSA-2016:1080",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
        },
        {
          "name": "openSUSE-SU-2016:1304",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
        },
        {
          "name": "openSUSE-SU-2016:1655",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
        },
        {
          "name": "DSA-3590",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3590"
        },
        {
          "name": "USN-2960-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2960-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://crbug.com/578882"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://codereview.chromium.org/1608573002"
        },
        {
          "name": "openSUSE-SU-2016:1319",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
        },
        {
          "name": "GLSA-201605-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201605-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2016-1670",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "90584",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/90584"
            },
            {
              "name": "1035872",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035872"
            },
            {
              "name": "RHSA-2016:1080",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
            },
            {
              "name": "openSUSE-SU-2016:1304",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
            },
            {
              "name": "openSUSE-SU-2016:1655",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
            },
            {
              "name": "DSA-3590",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3590"
            },
            {
              "name": "USN-2960-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2960-1"
            },
            {
              "name": "https://crbug.com/578882",
              "refsource": "CONFIRM",
              "url": "https://crbug.com/578882"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
            },
            {
              "name": "https://codereview.chromium.org/1608573002",
              "refsource": "CONFIRM",
              "url": "https://codereview.chromium.org/1608573002"
            },
            {
              "name": "openSUSE-SU-2016:1319",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
            },
            {
              "name": "GLSA-201605-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201605-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2016-1670",
    "datePublished": "2016-05-14T21:00:00.000Z",
    "dateReserved": "2016-01-12T00:00:00.000Z",
    "dateUpdated": "2024-08-05T23:02:12.981Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2016-AVI-166

Vulnerability from certfr_avis - Published: 2016-05-12 - Updated: 2016-05-12

De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Google Chrome versions antérieures à 50.0.2661.102 pour Windows, Mac, et Linux

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

FKIE_CVE-2016-1670

Vulnerability from fkie_nvd - Published: 2016-05-14 21:59 - Updated: 2025-04-12 10:46

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

References

	URL	Tags
	chrome-cve-admin@google.com	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
	chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
	chrome-cve-admin@google.com	http://rhn.redhat.com/errata/RHSA-2016-1080.html
	chrome-cve-admin@google.com	http://www.debian.org/security/2016/dsa-3590
	chrome-cve-admin@google.com	http://www.securityfocus.com/bid/90584
	chrome-cve-admin@google.com	http://www.securitytracker.com/id/1035872
	chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-2960-1
	chrome-cve-admin@google.com	https://codereview.chromium.org/1608573002
	chrome-cve-admin@google.com	https://crbug.com/578882
	chrome-cve-admin@google.com	https://security.gentoo.org/glsa/201605-02
	af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1080.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2016/dsa-3590
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/90584
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035872
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2960-1
	af854a3a-2127-422b-91ae-364da2661108	https://codereview.chromium.org/1608573002
	af854a3a-2127-422b-91ae-364da2661108	https://crbug.com/578882
	af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201605-02

Impacted products

Vendor	Product	Version
google	chrome	*
opensuse	opensuse	13.1
debian	debian_linux	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "564CADC6-8AB4-4FE0-8E0A-245E87712035",
              "versionEndIncluding": "50.0.2661.87",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
    },
    {
      "lang": "es",
      "value": "Condici\u00f3n de carrera en la funci\u00f3n ResourceDispatcherHostImpl::BeginRequest en content/browser/loader/resource_dispatcher_host_impl.cc en Google Chrome en versiones anteriores a 50.0.2661.102 permite a atacantes remotos hacer peticiones HTTP arbitrarias aprovechando el acceso a un proceso de renderizado y reutilizando una petici\u00f3n ID."
    }
  ],
  "id": "CVE-2016-1670",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-05-14T21:59:10.383",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.debian.org/security/2016/dsa-3590"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securityfocus.com/bid/90584"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securitytracker.com/id/1035872"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.ubuntu.com/usn/USN-2960-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://codereview.chromium.org/1608573002"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://crbug.com/578882"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://security.gentoo.org/glsa/201605-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2016/dsa-3590"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/90584"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035872"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2960-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://codereview.chromium.org/1608573002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://crbug.com/578882"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201605-02"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2016-03259

Vulnerability from cnvd - Published: 2016-05-18

Title

Google Chrome竞争条件漏洞（CNVD-2016-03259）

Description

Google Chrome是美国谷歌（Google）公司开发的一款Web浏览器。 Google Chrome 50.0.2661.102之前版本的content/browser/loader/resource_dispatcher_host_impl.cc文件中的‘ResourceDispatcherHostImpl::BeginRequest’函数存在竞争条件漏洞。远程攻击者可利用该漏洞通过访问渲染器进程并重用请求ID构造任意HTTP请求。

Severity

中

Patch Name

Google Chrome竞争条件漏洞（CNVD-2016-03259）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html https://crbug.com/578882 https://codereview.chromium.org/1608573002

Reference

http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html https://crbug.com/578882 https://codereview.chromium.org/1608573002

Impacted products

Name
Google Chrome <50.0.2661.102

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "90584"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1670"
    }
  },
  "description": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome 50.0.2661.102\u4e4b\u524d\u7248\u672c\u7684content/browser/loader/resource_dispatcher_host_impl.cc\u6587\u4ef6\u4e2d\u7684\u2018ResourceDispatcherHostImpl::BeginRequest\u2019\u51fd\u6570\u5b58\u5728\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8bbf\u95ee\u6e32\u67d3\u5668\u8fdb\u7a0b\u5e76\u91cd\u7528\u8bf7\u6c42ID\u6784\u9020\u4efb\u610fHTTP\u8bf7\u6c42\u3002",
  "discovererName": "Google",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html\r\nhttps://crbug.com/578882\r\nhttps://codereview.chromium.org/1608573002",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-03259",
  "openTime": "2016-05-18",
  "patchDescription": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002\r\n\r\nGoogle Chrome 50.0.2661.102\u4e4b\u524d\u7248\u672c\u7684content/browser/loader/resource_dispatcher_host_impl.cc\u6587\u4ef6\u4e2d\u7684\u2018ResourceDispatcherHostImpl::BeginRequest\u2019\u51fd\u6570\u5b58\u5728\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u8bbf\u95ee\u6e32\u67d3\u5668\u8fdb\u7a0b\u5e76\u91cd\u7528\u8bf7\u6c42ID\u6784\u9020\u4efb\u610fHTTP\u8bf7\u6c42\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Chrome\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\uff08CNVD-2016-03259\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Google Chrome \u003c50.0.2661.102"
  },
  "referenceLink": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html\r\nhttps://crbug.com/578882\r\nhttps://codereview.chromium.org/1608573002",
  "serverity": "\u4e2d",
  "submitTime": "2016-05-16",
  "title": "Google Chrome\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\uff08CNVD-2016-03259\uff09"
}

GSD-2016-1670

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-1670

Aliases

CVE-2016-1670

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1670",
    "description": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.",
    "id": "GSD-2016-1670",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-1670.html",
      "https://www.debian.org/security/2016/dsa-3590",
      "https://access.redhat.com/errata/RHSA-2016:1080",
      "https://ubuntu.com/security/CVE-2016-1670",
      "https://advisories.mageia.org/CVE-2016-1670.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1670"
      ],
      "details": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.",
      "id": "GSD-2016-1670",
      "modified": "2023-12-13T01:21:24.586082Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@google.com",
        "ID": "CVE-2016-1670",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "90584",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/90584"
          },
          {
            "name": "1035872",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1035872"
          },
          {
            "name": "RHSA-2016:1080",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
          },
          {
            "name": "openSUSE-SU-2016:1304",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
          },
          {
            "name": "openSUSE-SU-2016:1655",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
          },
          {
            "name": "DSA-3590",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2016/dsa-3590"
          },
          {
            "name": "USN-2960-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-2960-1"
          },
          {
            "name": "https://crbug.com/578882",
            "refsource": "CONFIRM",
            "url": "https://crbug.com/578882"
          },
          {
            "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html",
            "refsource": "CONFIRM",
            "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
          },
          {
            "name": "https://codereview.chromium.org/1608573002",
            "refsource": "CONFIRM",
            "url": "https://codereview.chromium.org/1608573002"
          },
          {
            "name": "openSUSE-SU-2016:1319",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
          },
          {
            "name": "GLSA-201605-02",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201605-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "50.0.2661.87",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2016-1670"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-362"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://codereview.chromium.org/1608573002",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://codereview.chromium.org/1608573002"
            },
            {
              "name": "https://crbug.com/578882",
              "refsource": "CONFIRM",
              "tags": [
                "Permissions Required"
              ],
              "url": "https://crbug.com/578882"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
            },
            {
              "name": "openSUSE-SU-2016:1655",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
            },
            {
              "name": "DSA-3590",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2016/dsa-3590"
            },
            {
              "name": "90584",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/90584"
            },
            {
              "name": "RHSA-2016:1080",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
            },
            {
              "name": "openSUSE-SU-2016:1319",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
            },
            {
              "name": "GLSA-201605-02",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201605-02"
            },
            {
              "name": "openSUSE-SU-2016:1304",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
            },
            {
              "name": "1035872",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1035872"
            },
            {
              "name": "USN-2960-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2960-1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 4.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2018-10-30T16:27Z",
      "publishedDate": "2016-05-14T21:59Z"
    }
  }
}

GHSA-5975-JWQ3-JMM6

Vulnerability from github – Published: 2022-05-14 02:09 – Updated: 2022-05-14 02:09

Details

Severity ?

5.3 (Medium)


                  
                    CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1670"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-05-14T21:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID.",
  "id": "GHSA-5975-jwq3-jmm6",
  "modified": "2022-05-14T02:09:50Z",
  "published": "2022-05-14T02:09:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1670"
    },
    {
      "type": "WEB",
      "url": "https://codereview.chromium.org/1608573002"
    },
    {
      "type": "WEB",
      "url": "https://crbug.com/578882"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201605-02"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3590"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/90584"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1035872"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2960-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1670 (GCVE-0-2016-1670)

CERTFR-2016-AVI-166

Solution

FKIE_CVE-2016-1670

CNVD-2016-03259

GSD-2016-1670

GHSA-5975-JWQ3-JMM6

Tags

Sightings

Nomenclature