9 matches found
The vulnerability of Google Chrome’s CustomHandlers component, which allows a hacker to execute cross-site scripting attacks
The vulnerability of Google Chrome’s CustomHandlers component relates to the ability to bypass the user’s confirmation dialog. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created HTML page...
CVE-2018-16084
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...
CVE-2018-16084
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...
Design/Logic Flaw
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...
UBUNTU-CVE-2018-16084
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...
CVE-2018-16084
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...
CVE-2018-16084
Removed by vendor...
CVE-2018-16084
CVE-2018-16084 affects Chromium/Google Chrome prior to 69.0.3497.81. Root cause: the default selected dialog button in CustomHandlers could be exploited via a crafted HTML page to trigger opening external programs. Impact: remote attacker could have the user open external programs, enabling possi...
CVE-2018-16084
The default selected dialog button in CustomHandlers in Google Chrome prior to 69.0.3497.81 allowed a remote attacker who convinced the user to perform certain operations to open external programs via a crafted HTML page...