New Search

Origin confusion in proxy authentication - CVE-2016-5133

oval:org.cisecurity:def:988

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect credential storage by modifying the client-server data stream.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows 8.1
  • Microsoft Windows 10
  • Microsoft Windows Server 2008
  • Microsoft Windows Vista
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows 8
Class:
vulnerability
Reference(s):
  • CVE-2016-5133
Product(s):
  • Google Chrome