CVE-2016-5193

Published: Dec 18, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Google Chrome prior to 54.0 for iOS had insufficient validation of URLs for windows open by DOM, which allowed a remote attacker to bypass restrictions on navigation to certain URL schemes via crafted HTML pages.

Vendor	Product	Versions
n/a	Chrome prior to 54.0 for iOS	affected `Chrome prior to 54.0 for iOS`

References

https://crbug.com/639658

x_refsource_CONFIRM

93528

vdb-entry

x_refsource_BID

RHSA-2016:2067

vendor-advisory

x_refsource_REDHAT

GLSA-201610-09

vendor-advisory

x_refsource_GENTOO

https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-5193

Description

Affected Products

References