![]() ![]() Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 1.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. Use after free in Extensions in Google Chrome prior to 1.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. ![]() ![]() Inappropriate implementation in DevTools in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Inappropriate implementation in Extensions API in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Inappropriate implementation in Fullscreen in Google Chrome prior to 1.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |