The vulnerability in the Omnibox browser implementation of Google Chrome allows a hacker to replace the domain name.

🗓️ 26 Dec 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru

Chrome Omnibox flaw allows domain replacement with right to left symbols due to poor input validation.

Reporter	Title	Published	Views	Family All 49
FreeBSD	chromium -- multiple vulnerabilities	5 Jun 201700:00	–	freebsd
ArchLinux	[ASA-201706-8] chromium: multiple issues	7 Jun 201700:00	–	archlinux
CNVD	Google Chrome Omnibox Address Spoofing Vulnerability (CNVD-2017-09215)	7 Jun 201700:00	–	cnvd
CVE	CVE-2017-5072	27 Oct 201705:00	–	cve
Cvelist	CVE-2017-5072	27 Oct 201705:00	–	cvelist
Debian CVE	CVE-2017-5072	27 Oct 201705:00	–	debiancve
EUVD	EUVD-2017-14181	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 26 Update: chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc26	26 Jun 201719:14	–	fedora
Fedora	[SECURITY] Fedora 25 Update: chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25	30 Jun 201700:50	–	fedora
Fedora	[SECURITY] Fedora 24 Update: chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc24	12 Jul 201701:54	–	fedora

Source	Link
securityfocus	www.securityfocus.com/bid/98861
securitytracker	www.securitytracker.com/id/1038622
chromereleases	www.chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
crbug	www.crbug.com/709417
security	www.security.gentoo.org/glsa/201706-20
web	www.web.nvd.nist.gov/view/vuln/detail
gentoo	www.gentoo.org/security/en/glsa/glsa-201706-20.xml

23 Mar 2021 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 24.3

CVSS 36.5

EPSS0.00524

Chrome Omnibox domain replacement right to left input validation security vulnerability