CVE-2016-8508

Summary

Yandex Browser for desktop before 17.1.1.227 does not show Protect (similar to Safebrowsing in Chromium) warnings in web-sites with special content-type, which could be used by remote attacker for prevention Protect warning on own malicious web-site.

Affected Software

VendorProductVersion RangeStatus
Yandex N.V.Yandex Browser for desktopbefore 17.1.1.227 for OSx and Windowsaffected

Weaknesses

  • Yandex Browser Protect mechanism bypass

ADP Enrichment

CVE Program Container

Additional References

References