Google Chrome Address Bar Spoofing Vulnerability (CVE-2016-1664)
Google Chrome Address Bar Spoofing Vulnerability (CVE-2016-1664)
Release date:
Updated on:
Affected Systems:
Google Chrome <50.0.2661.94
Description:
CVE (CAN) ID: CVE-2016-1664
Google Chrome is a Web browser tool developed by Google.
Google Chrome versions earlier than 50.0.2661.94, content/renderer/history_controller.cc/HistoryController: UpdateForCommit function error handling sub-frame forward navigation and other operations before Forward Navigation, remote attackers through the construction of the website, this vulnerability can fool the address bar.
<* Source: Google
*>
Suggestion:
Vendor patch:
Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html
Https://crbug.com/597322
Https://codereview.chromium.org/1848813005/
This article permanently updates the link address: