Browser UI Spoofing in Google Chrome for Windows, Mac, and Linux
CVE-2016-5188

4.3MEDIUM

Key Information:

Vendor

Google
Status
Chrome Prior To 54.0.2840.59 For Windows, Mac, And Linux
Vendor
CVE Published:
18 December 2016

What is CVE-2016-5188?

Multiple vulnerabilities in Blink within Google Chrome for Windows, Mac, and Linux may allow a remote attacker to spoof various elements of the browser's user interface through specially crafted HTML pages. This could mislead users and potentially facilitate phishing attacks or other malicious behaviors. Updating to the latest version of Google Chrome is crucial to mitigate these risks.

Affected Version(s)

Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux

References

https://crbug.com/565760
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93528
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2016-2067.html
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.