Google Chrome for Android < 54.0.2840.85 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 9791
SynopsisThe remote mobile host is affected by multiple attack vectors.
DescriptionThe version of Google Chrome for Android on the remote mobile host is prior to 54.0.2840.85, and affected by multiple vulnerabilities :
- An unspecified flaw exists that may allow a context-dependent attacker to gain access to cross-origin data. No further details have been provided. (CVE-2016-5196)
- A flaw exists that is due to the program failing to validate (e.g. via a whitelist) content intents sent when the user taps on an address, email address, or phone number. This may allow a context-dependent attacker to open arbitrary intent schemes. (CVE-2016-5197)
SolutionUpdate Chrome for Android to version 54.0.2840.85 or later.