Lucene search

K

ChromeVULNRICHMENT:CVE-2023-4764

HistorySep 05, 2023 - 9:57 p.m.

CVE-2023-4764

2023-09-0521:57:42

Chrome

github.com

google chrome

bfcache

url bar spoofing

security ui

html page crafted

AI Score

5.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

References

chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html

crbug.com/1447237

lists.fedoraproject.org/archives/list/[email protected]/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/

lists.fedoraproject.org/archives/list/[email protected]/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/

lists.fedoraproject.org/archives/list/[email protected]/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/

security.gentoo.org/glsa/202311-11

security.gentoo.org/glsa/202312-07

security.gentoo.org/glsa/202401-34

www.debian.org/security/2023/dsa-5491

AI Score

5.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-4764

mscve1 prion1 cvelist1 osv4 debiancve1 ubuntucve1 veracode1 cve1 nvd1 debian1 nessus14 openvas9 kaspersky2 freebsd1 chrome1 fedora3 mageia1 photon2 gentoo3 rapid7blog1