Google Chrome Document: open function Spoofing Vulnerability (CVE-2015-6782)
Google Chrome Document: open function Spoofing Vulnerability (CVE-2015-6782)
Release date:
Updated on:
Affected Systems:
Google Chrome <47.0.2526.73
Description:
CVE (CAN) ID: CVE-2015-6782
Google Chrome is a Web browser tool developed by Google.
Earlier than Google Chrome 47.0.2526.73, WebKit/Source/core/dom/Document. the Document: open function in cpp does not ensure whether the page-dismissal event is handled in compatible mode. Remote attackers can exploit this vulnerability to spoof Omnibox content by constructing a website.
<* Source: Google
*>
Suggestion:
Vendor patch:
Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
This article permanently updates the link address: