Lucene search

K
ubuntucveUbuntu.comUB:CVE-2017-5033
HistoryMar 10, 2017 - 12:00 a.m.

CVE-2017-5033

2017-03-1000:00:00
ubuntu.com
ubuntu.com
11

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.007

Percentile

79.6%

Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux
and 57.0.2987.108 for Android failed to correctly propagate CSP
restrictions to local scheme pages, which allowed a remote attacker to
bypass content security policy via a crafted HTML page, related to the
unsafe-inline keyword.

OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchchromium-browser< 58.0.3029.81-0ubuntu0.14.04.1172UNKNOWN
ubuntu16.04noarchchromium-browser< 57.0.2987.98-0ubuntu0.16.04.1276UNKNOWN
ubuntu16.10noarchchromium-browser< 57.0.2987.98-0ubuntu0.16.10.1344UNKNOWN
ubuntu17.04noarchchromium-browser< 57.0.2987.98-0ubuntu1.1348UNKNOWN
ubuntu14.04noarchoxide-qt< 1.21.5-0ubuntu0.14.04.1UNKNOWN
ubuntu16.04noarchoxide-qt< 1.21.5-0ubuntu0.16.04.1UNKNOWN
ubuntu16.10noarchoxide-qt< 1.21.5-0ubuntu0.16.10.1UNKNOWN
ubuntu17.04noarchoxide-qt< 1.21.5-0ubuntu1UNKNOWN

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

EPSS

0.007

Percentile

79.6%