HTML Page Navigation Flaw in Google Chrome by Google
CVE-2017-5065

4.7MEDIUM

Key Information:

Vendor

Google
Status
Google Chrome Prior To 58.0.3029.81 For Windows And Mac
Vendor
CVE Published:
27 October 2017

What is CVE-2017-5065?

A security flaw in the Blink engine of Google Chrome prior to version 58.0.3029.81 allowed remote attackers to craft malicious HTML pages that could mislead users into making hazardous security decisions. This vulnerability underscores the importance of user awareness and secure browsing practices, as attackers could exploit this flaw without direct system access.

Affected Version(s)

Google Chrome prior to 58.0.3029.81 for Windows and Mac Google Chrome prior to 58.0.3029.81 for Windows and Mac

References

https://access.redhat.com/errata/RHSA-2017:1124
vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201705-02
vendor-advisoryx_refsource_GENTOO
https://crbug.com/704560
x_refsource_MISC

CVSS V3.1

Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.