CVE-2017-5041

Published: Apr 24, 2017Modified: May 13, 2026

4.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Google Chrome prior to 57.0.2987.100 incorrectly handled back-forward navigation, which allowed a remote attacker to display incorrect information for a site via a crafted HTML page.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Up to 57.0.2987.98

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

http://rhn.redhat.com/errata/RHSA-2017-0499.html

Source: chrome-cve-admin@google.com

http://www.debian.org/security/2017/dsa-3810

Source: chrome-cve-admin@google.com

http://www.securityfocus.com/bid/96767

Source: chrome-cve-admin@google.com

https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Source: chrome-cve-admin@google.com

https://crbug.com/642490

Source: chrome-cve-admin@google.com

https://security.gentoo.org/glsa/201704-02

Source: chrome-cve-admin@google.com

http://rhn.redhat.com/errata/RHSA-2017-0499.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2017/dsa-3810

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/96767

Source: af854a3a-2127-422b-91ae-364da2661108

https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://crbug.com/642490

Source: af854a3a-2127-422b-91ae-364da2661108

https://security.gentoo.org/glsa/201704-02

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.