CVE-2016-1616

Published: Jan 25, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The CustomButton::AcceleratorPressed function in ui/views/controls/button/custom_button.cc in Google Chrome before 48.0.2564.82 allows remote attackers to spoof URLs via vectors involving an unfocused custom button.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

81430

vdb-entry

x_refsource_BID

RHSA-2016:0072

vendor-advisory

x_refsource_REDHAT

https://codereview.chromium.org/1437523005

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html

x_refsource_CONFIRM

https://code.google.com/p/chromium/issues/detail?id=541415

x_refsource_CONFIRM

1034801

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2016:0249

vendor-advisory

x_refsource_SUSE

GLSA-201603-09

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2016:0271

vendor-advisory

x_refsource_SUSE

DSA-3456

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2016:0250

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-1616

Description

Affected Products

References