CVE-2018-6169

Опубликовано: 09 янв. 2019

Источник: debian

Описание

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium-browser	fixed	68.0.3440.75-1		package
chromium-browser	end-of-life		jessie	package

Связанные уязвимости

CVE-2018-6169

CVSS3: 6.5

ubuntu

около 7 лет назад

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

CVE-2018-6169

CVSS3: 6.5

redhat

больше 7 лет назад

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

CVE-2018-6169

CVSS3: 6.5

nvd

около 7 лет назад

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

GHSA-m8w6-9c44-28r8

CVSS3: 6.5

github

больше 3 лет назад

Lack of timeout on extension install prompt in Extensions in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to trigger installation of an unwanted extension via a crafted HTML page.

BDU:2019-04459

CVSS3: 6.5

fstec

больше 7 лет назад

Уязвимость браузера Google Chrome, связанная с отсутствием тайм-аута на разрешение установки расширений Chrome, позволяющая нарушителю инициировать установку вредоносного расширения Chrome