Security Advisory

CVE-2017-5020

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-02-17 07:45:00

Last updated 2024-08-05 14:47:44

Assigner Chrome

State PUBLISHED

Description

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to require a user gesture for powerful download operations, which allowed a remote attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted HTML page.

← Browse all CVEs View on cve.org ↗