CVE-2016-5134

2016-07-23T19:59:00
ID CVE-2016-5134
Type cve
Reporter cve@mitre.org
Modified 2017-09-01T01:29:00

Description

net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a related issue to CVE-2016-3763.