2 matches found
CVE-2016-10584
dalek-browser-chrome-canary provides Google Chrome bindings for DalekJS. dalek-browser-chrome-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an attacker...
CVE-2016-10584
The CVE-2016-10584 entry concerns dalek-browser-chrome-canary, a Google Chrome binding for DalekJS. The vulnerability arises because it downloads binary resources over HTTP, enabling a man-in-the-middle (MitM) attacker to swap the requested binary with malware, potentially causing remote code exe...