Tenable9791.PRMGoogle Chrome for Android < 54.0.2840.85 Multiple Vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
71.7%
The version of Google Chrome for Android on the remote mobile host is prior to 54.0.2840.85, and affected by multiple vulnerabilities :
- An unspecified flaw exists that may allow a context-dependent attacker to gain access to cross-origin data. No further details have been provided. (CVE-2016-5196)
- A flaw exists that is due to the program failing to validate (e.g. via a whitelist) content intents sent when the user taps on an address, email address, or phone number. This may allow a context-dependent attacker to open arbitrary intent schemes. (CVE-2016-5197)
Binary data 9791.prmRelated
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
71.7%