CVE-2017-5026

🗓️ 17 Feb 2017 07:45:00Reported by ChromeType

Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, allowing remote attackers to show alerts on an uncontrolled page via crafted HTML

Reporter	Title	Published	Views	Family All 53
ArchLinux	[ASA-201701-33] chromium: multiple issues	27 Jan 201700:00	–	archlinux
CNVD	Google Chrome UI Spoofing Vulnerability	20 Feb 201700:00	–	cnvd
Cvelist	CVE-2017-5026	17 Feb 201707:45	–	cvelist
Debian	[SECURITY] [DSA 3776-1] chromium-browser security update	31 Jan 201701:24	–	debian
Debian	[SECURITY] [DSA 3776-1] chromium-browser security update	31 Jan 201701:24	–	debian
Debian CVE	CVE-2017-5026	17 Feb 201707:45	–	debiancve
Tenable Nessus	Debian DSA-3776-1 : chromium-browser - security update	31 Jan 201700:00	–	nessus
Tenable Nessus	Fedora 25 : qt5-qtwebengine (2017-58cde32413)	13 Jul 201700:00	–	nessus
Tenable Nessus	Fedora 24 : qt5-qtwebengine (2017-98bed96d12)	24 Jul 201700:00	–	nessus
Tenable Nessus	Fedora 26 : qt5-qtwebengine (2017-e83c26a8c9)	17 Jul 201700:00	–	nessus

NVD

Node

google chromeRange≤55.0.2883.87

[
  {
    "product": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac"
      }
    ]
  }
]

Source	Link
debian	www.debian.org/security/2017/dsa-3776
chromereleases	www.chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html
security	www.security.gentoo.org/glsa/201701-66
crbug	www.crbug.com/634108
rhn	www.rhn.redhat.com/errata/RHSA-2017-0206.html
securitytracker	www.securitytracker.com/id/1037718
securityfocus	www.securityfocus.com/bid/95792

13 May 2026 00:24Current

5.1Medium risk

Vulners AI Score5.1

CVSS 34.3

CVSS 24.3

EPSS0.00584

CWE-1021