CVE-2016-5188 — Improper Input Validation in Google Chrome

CWE-20 — Improper Input Validation8 documents6 sources

Severity

4.3MEDIUMNVD

OSV7.5

EPSS

0.4%

top 42.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome

Timeline

PublishedDec 18

Latest updateMay 14

Description

Multiple issues in Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux allow a remote attacker to spoof various parts of browser UI via crafted HTML pages.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶NVDgoogle/chrome53.0.2785.143

🔴Vulnerability Details

GHSA

GHSA-fg8g-4gxq-9wjr: Multiple issues in Blink in Google Chrome prior to 54↗2022-05-14

▶

OSV

oxide-qt vulnerabilities↗2016-11-02

▶

OSV

CVE-2016-5188: Multiple issues in Blink in Google Chrome prior to 54↗2016-10-17

▶

📋Vendor Advisories

Ubuntu

Oxide vulnerabilities↗2016-11-02

▶

Red Hat

chromium-browser: ui spoofing↗2016-10-12

▶

💬Community

Bugzilla

CVE-2016-5181 CVE-2016-5182 CVE-2016-5183 CVE-2016-5184 CVE-2016-5185 CVE-2016-5186 CVE-2016-5187 CVE-2016-5188 CVE-2016-5189 CVE-2016-5190 CVE-2016-5191 CVE-2016-5192 CVE-2016-5193 CVE-2016-5194 chro↗2016-10-13

▶

Bugzilla

CVE-2016-5188 chromium-browser: ui spoofing↗2016-10-13

▶