8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.168 Low
EPSS
Percentile
96.0%
Google Chrome Releases reports:
29 security fixes in this release, including:
[695826] High CVE-2017-5057: Type confusion in PDFium. Credit to
Guang Gong of Alpha Team, Qihoo 360
[694382] High CVE-2017-5058: Heap use after free in Print Preview.
Credit to Khalil Zhani
[684684] High CVE-2017-5059: Type confusion in Blink. Credit to
SkyLined working with Trend Micro’s Zero Day Initiative
[683314] Medium CVE-2017-5060: URL spoofing in Omnibox. Credit to
Xudong Zheng
[672847] Medium CVE-2017-5061: URL spoofing in Omnibox. Credit to
Haosheng Wang (@gnehsoah)
[702896] Medium CVE-2017-5062: Use after free in Chrome Apps.
Credit to anonymous
[700836] Medium CVE-2017-5063: Heap overflow in Skia. Credit to
Sweetchip
[693974] Medium CVE-2017-5064: Use after free in Blink. Credit to
Wadih Matar
[704560] Medium CVE-2017-5065: Incorrect UI in Blink. Credit to
Khalil Zhani
[690821] Medium CVE-2017-5066: Incorrect signature handing in Networking.
Credit to Prof. Zhenhua Duan, Prof. Cong Tian, and Ph.D candidate Chu Chen
(ICTT, Xidian University)
[648117] Medium CVE-2017-5067: URL spoofing in Omnibox. Credit to
Khalil Zhani
[691726] Low CVE-2017-5069: Cross-origin bypass in Blink. Credit to
Michael Reizelman
[713205] Various fixes from internal audits, fuzzing and other initiatives
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.168 Low
EPSS
Percentile
96.0%