What is CVE-2016-1657?

CVE-2016-1657 is a medium-severity vulnerability in Google Chrome, classified under CWE-254. CVSS score: 4.3/10. Published 2016-04-18.

How severe is CVE-2016-1657?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Google Chrome

CVE-2016-1657

The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the ad…

EPSS: 0.022 (84.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N.

Affected products

Google Chrome
Novell Suse_package_hub_for_suse_linux_enterprise — versions 12
Debian Debian_linux — versions 8.0
Opensuse Leap — versions 42.1
N/a — versions n/a

Weakness classification (CWE)

CWE-254

References

chrome-cve-admin@google.com (x_refsource_CONFIRM)
openSUSE-SU-2016:1136 (vendor-advisory, x_refsource_SUSE)
openSUSE-SU-2016:1135 (vendor-advisory, x_refsource_SUSE)
RHSA-2016:0638 (x_refsource_REDHAT, vendor-advisory)
chrome-cve-admin@google.com (x_refsource_CONFIRM)
SUSE-SU-2016:1060 (vendor-advisory, x_refsource_SUSE)
DSA-3549 (vendor-advisory, x_refsource_DEBIAN)
openSUSE-SU-2016:1061 (vendor-advisory, x_refsource_SUSE)
chrome-cve-admin@google.com (x_refsource_CONFIRM)
GLSA-201605-02 (vendor-advisory, x_refsource_GENTOO)

Frequently asked questions

What is CVE-2016-1657?: CVE-2016-1657 is a medium-severity vulnerability in Google Chrome, classified under CWE-254. CVSS score: 4.3/10. Published 2016-04-18.
How severe is CVE-2016-1657?: Medium severity. CVSS v3 base score is 4.3 out of 10.