CVE-2017-5084

CWE-269Improper Privilege Management4 documents4 sources
Severity
3.3LOW
EPSS
0.0%
top 91.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome OS
Timeline
PublishedOct 27
Latest updateMay 13

Description

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages3 packages

CVEListV5google_chrome_prior_to_59.0.3071.92Google Chrome prior to 59.0.3071.92
NVDgoogle/chrome_os< 59.0.3071.92
Ubuntuchromium-browser< 59.0.3071.109-0ubuntu0.14.04.1186+1

🔴Vulnerability Details

3
GHSA
GHSA-h662-qc36-6h52: Inappropriate implementation in image-burner in Google Chrome OS prior to 592022-05-13
OSV
CVE-2017-5084: Inappropriate implementation in image-burner in Google Chrome OS prior to 592017-10-27
CVEList
CVE-2017-5084: Inappropriate implementation in image-burner in Google Chrome OS prior to 592017-10-27
CVE-2017-5084 (LOW CVSS 3.3) | Inappropriate implementation in ima | cvebase.io