CVE-2017-5066

Summary

Insufficient consistency checks in signature handling in the networking stack in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to incorrectly accept a badly formed X.509 certificate via a crafted HTML page.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for AndroidGoogle Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for Androidaffected

Weaknesses

  • Inappropriate implementation

ADP Enrichment

CVE Program Container

Additional References

References