CVE-2017-5086

Опубликовано: 27 окт. 2017

Источник: debian

EPSS Низкий

Описание

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium-browser	fixed	59.0.3071.86-1		package
chromium-browser	end-of-life		jessie	package
chromium-browser	end-of-life		wheezy	package

EPSS

Процентиль: 71%

0.00667

Низкий

Связанные уязвимости

CVE-2017-5086

CVSS3: 6.5

ubuntu

больше 8 лет назад

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

CVE-2017-5086

CVSS3: 6.5

redhat

больше 8 лет назад

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

CVE-2017-5086

CVSS3: 6.5

nvd

больше 8 лет назад

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

GHSA-2h54-c9vf-47rr

CVSS3: 6.5

github

больше 3 лет назад

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.86 for Windows and Mac allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

BDU:2017-02631

CVSS3: 6.5

fstec

больше 8 лет назад

Уязвимость реализации Omnibox браузера Google Chrome, позволяющая нарушителю осуществить подмену домена

EPSS

Процентиль: 71%

0.00667

Низкий