Articles récents


[CVE-2017-5041] Google Chrome Location Bar URL & SSL Spoofing in Omnibox

Address spoofing in Omnibox (URL & SSL Spoofing)

Announced: March 9, 2017
Reporter: Jordi Chancel
Impact: Moderate
Products: Google Chrome
Fixed in: Google Chrome 57.0.2987.98

  • Description :

Google Chrome before 57.0.2987.98 does not properly handle ********, which allows remote attackers to spoof the Location Bar (URL and SSL indicator) via unspecified vectors.

Note: This issue also affects Google Chrome for iOS.

Vulnerability demonstration (video):