Описание
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-6152
- https://access.redhat.com/errata/RHSA-2018:2282
- https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html
- https://crbug.com/805445
- https://security.gentoo.org/glsa/201808-01
- https://www.debian.org/security/2018/dsa-4256
- http://www.securityfocus.com/bid/104887
Связанные уязвимости
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
The implementation of the Page.downloadBehavior backend unconditionall ...
Уязвимость реализации бэкэнда Page.downloadBehavior браузера Google Chrome, позволяющая нарушителю убедить пользователя установить вредоносное расширение