UBUNTU-CVE-2016-1632

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2016-1632

Published: 06 Mar 2016, 02:59

Last modified:08 Sept 2025, 16:43

Vulnerability Summary

Overall Risk (default)

medium

35/100

CVSS Score

8.8 HIGH

3.0 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Mar 2016, 02:59

Published

Vulnerability first disclosed

08 Sept 2025, 16:43

Last Modified

Vulnerability information updated

Description

The Extensions subsystem in Google Chrome before 49.0.2623.75 does not properly maintain own properties, which allows remote attackers to bypass intended access restrictions via crafted JavaScript code that triggers an incorrect cast, related to extensions/renderer/v8_helpers.h and gin/converter.h.

CVSS Metrics

v3.0•HIGH•Score: 8.8CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Systems

ubuntu•chromium-browser
< 49.0.2623.87-0ubuntu0.14.04.1.1112

References (3)

https://ubuntu.com/security/CVE-2016-1632
http://googlechromereleases.blogspot.ca/2016/03/stable-channel-update.html
https://www.cve.org/CVERecord?id=CVE-2016-1632