CVE-2017-5081

Summary

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.

Affected Software

VendorProductVersion RangeStatus
n/aGoogle Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for AndroidGoogle Chrome prior to 59.0.3071.86 for Mac, Windows and Linux, and 59.0.3071.92 for Androidaffected

Weaknesses

  • Inappropriate implementation

ADP Enrichment

CVE Program Container

Additional References

References