VDB
CVE-2016-1707
CVE-2016-1707
PUBLISHED
Reported by Chrome · Published July 23, 2016
ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Timeline
- Jul 23, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- openSUSE-SU-2016:1868 vendor-advisoryx_refsource_SUSE
- openSUSE-SU-2016:1869 vendor-advisoryx_refsource_SUSE
- 92053 vdb-entryx_refsource_BID
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- openSUSE-SU-2016:1918 vendor-advisoryx_refsource_SUSE
- x_refsource_CONFIRM
- openSUSE-SU-2016:1865 vendor-advisoryx_refsource_SUSE
- 1036428 vdb-entryx_refsource_SECTRACK
- DSA-3637 vendor-advisoryx_refsource_DEBIAN