Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.1453.116 and separately, does not properly determine whether a user wishes to permit camera or microphone access by a Flash application, which allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack, as demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome Flash插件安全漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。 Google Chrome 27.0.1453.116之前的版本中的Flash插件中存在漏洞,该漏洞源于程序没有正确确定用户是否希望允许摄像头或麦克风通过Flash应用程序访问。远程攻击者可通过点击劫持(如攻击使用特制的Cascading Style Sheets (CSS) opacity属性)利用该漏洞获得来自机器的物理环境的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A