The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbitrary activity on the system via a crafted HTML page.
References
Configurations
History
07 Nov 2023, 02:33
Type | Values Removed | Values Added |
---|---|---|
References | () https://chromereleases.googleblog.com/2016/10/chrome-for-android-update_31.html - | |
References | () https://crbug.com/659477 - | |
References | () http://www.securityfocus.com/bid/94078 - |
Information
Published : 2017-01-19 05:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-5197
Mitre link : CVE-2016-5197
CVE.ORG link : CVE-2016-5197
JSON object : View
Products Affected
- chrome
CWE
CWE-20
Improper Input Validation