Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
History
07 Nov 2023, 02:48
Type | Values Removed | Values Added |
---|---|---|
References | () https://crbug.com/672008 - | |
References | () http://www.securitytracker.com/id/1038622 - | |
References | () https://security.gentoo.org/glsa/201706-20 - | |
References | () https://access.redhat.com/errata/RHSA-2017:1399 - | |
References | () https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html - | |
References | () http://www.securityfocus.com/bid/98861 - |
06 Apr 2022, 19:33
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux Server
Redhat enterprise Linux Workstation Redhat enterprise Linux Desktop Redhat |
|
CPE | cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* |
|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:1399 - Third Party Advisory | |
References | (MISC) https://crbug.com/672008 - Exploit, Issue Tracking, Patch, Vendor Advisory |
08 Sep 2021, 17:20
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
Information
Published : 2017-10-27 05:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-5081
Mitre link : CVE-2017-5081
CVE.ORG link : CVE-2017-5081
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server
- enterprise_linux_workstation
apple
- macos
- chrome
- android
linux
- linux_kernel
microsoft
- windows
debian
- debian_linux
CWE
CWE-20
Improper Input Validation