" element. "> OVAL Reference oval:com.ubuntu.precise:def:20165135000 - CERT Civis.Net
Oval Definition:oval:com.ubuntu.precise:def:20165135000
Revision Date:2016-07-23Version:1
Title:CVE-2016-5135 on Ubuntu 12.04 LTS (precise) - medium.
Description:WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a "Content-Security-Policy: referrer origin-when-cross-origin" header that overrides a "" element.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-5135
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND While related to the CVE in some way, a decision has been made to ignore it.
    • BACK