CVE-2017-5081
N/A
N/A
Summary
Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android | Google Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Android | affected |
Weaknesses
- Inappropriate implementation
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/98861
- https://access.redhat.com/errata/RHSA-2017:1399
- https://crbug.com/672008
- http://www.securitytracker.com/id/1038622
- https://security.gentoo.org/glsa/201706-20
- https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
References
- http://www.securityfocus.com/bid/98861
- https://access.redhat.com/errata/RHSA-2017:1399
- https://crbug.com/672008
- http://www.securitytracker.com/id/1038622
- https://security.gentoo.org/glsa/201706-20
- https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.