Insufficient Security Warnings in Yandex Browser for Desktop
CVE-2016-8508

6.5MEDIUM

Key Information:

Vendor: Yandex N.v.
Status: Yandex Browser For Desktop
Vendor: CVE Published:; 1 March 2017

🔔 Create Yandex N.v. Vulnerability Alert

What is CVE-2016-8508?

A vulnerability exists in Yandex Browser for desktop versions prior to 17.1.1.227, where the browser fails to display necessary security warnings for certain web content types. This flaw can be exploited by malicious actors to create websites that evade security notifications, potentially leading users to interact with harmful sites without appropriate warning. The issue has been addressed in version 17.1.1.227 and later.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Yandex Browser for desktop before 17.1.1.227 for OSx and Windows

References

http://www.securityfocus.com/bid/96514

vdb-entryx_refsource_BID

https://yandex.com/blog/security-changelogs/fixed-in-vers...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 1, 2017
Vulnerability Reserved
Oct 7, 2016

JSON

Yandex N.v.

What is CVE-2016-8508?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.