CVE-2017-5046

Summary

V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for AndroidGoogle Chrome prior to 57.0.2987.98 for Mac, Windows and Linux, and 57.0.2987.108 for Androidaffected

Weaknesses

  • insufficient policy enforcement

ADP Enrichment

CVE Program Container

Additional References

References