CVE-2017-5015
Published: 17 February 2017
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, incorrectly handled Unicode glyphs, which allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
Priority
CVSS 3 base score: 6.5
Status
Package | Release | Status |
---|---|---|
chromium-browser Launchpad, Ubuntu, Debian |
upstream |
Released
(56.0.2924.76)
|
precise |
Ignored
|
|
trusty |
Does not exist
(trusty was released [58.0.3029.81-0ubuntu0.14.04.1172])
|
|
xenial |
Released
(56.0.2924.76-0ubuntu0.16.04.1268)
|
|
yakkety |
Released
(56.0.2924.76-0ubuntu0.16.10.1335)
|
|
zesty |
Released
(56.0.2924.76-0ubuntu2.1343)
|
|
oxide-qt Launchpad, Ubuntu, Debian |
upstream |
Not vulnerable
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
xenial |
Not vulnerable
|
|
yakkety |
Not vulnerable
|
|
zesty |
Not vulnerable
|