Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Google Chrome for Android < 54.0.2840.85 Multiple Vulnerabilities

Medium

Synopsis

The remote mobile host is affected by multiple attack vectors.

Description

The version of Google Chrome for Android on the remote mobile host is prior to 54.0.2840.85, and affected by multiple vulnerabilities :

- An unspecified flaw exists that may allow a context-dependent attacker to gain access to cross-origin data. No further details have been provided. (CVE-2016-5196) - A flaw exists that is due to the program failing to validate (e.g. via a whitelist) content intents sent when the user taps on an address, email address, or phone number. This may allow a context-dependent attacker to open arbitrary intent schemes. (CVE-2016-5197)

Solution

Update Chrome for Android to version 54.0.2840.85 or later.