• Home
  • Encyclopedia
  • Endpoint Vulnerability
  • Security Vulnerability CVE-2016-5132 for Google Chrome

At a glance:

ID 30106
Created Aug 02, 2016
Description Updated Sep 10, 2019
Severity
Coverage FortiClient

Endpoint Vulnerability

Security Vulnerability CVE-2016-5132 for Google Chrome

Description

The Service Workers subsystem in Google Chrome before 52.0.2743.82 does not properly implement the Secure Contexts specification during decisions about whether to control a subframe, which allows remote attackers to bypass the Same Origin Policy via an https IFRAME element inside an http IFRAME element.

Affected Products

Google Chrome

Vendor

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5132,

References

CVE-2016-5132,