CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
97.3%
Google Chrome Releases reports:
5 security fixes in this release, including:
[698622] Critical CVE-2017-5055: Use after free in printing. Credit to
Wadih Matar
[699166] High CVE-2017-5054: Heap buffer overflow in V8. Credit to
Nicolas Trippar of Zimperium zLabs
[662767] High CVE-2017-5052: Bad cast in Blink. Credit to
JeongHoon Shin
[705445] High CVE-2017-5056: Use after free in Blink. Credit to
anonymous
[702058] High CVE-2017-5053: Out of bounds memory access in V8. Credit to
Team Sniper (Keen Lab and PC Mgr) reported through ZDI (ZDI-CAN-4587)
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS
Percentile
97.3%