Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google Chrome crosh 命令注入漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司的一款Web浏览器。crosh是其中的一个shell环境。 Google Chrome 61.0.3163.113之前版本(Chrome OS)中的crosh存在安全漏洞,该漏洞源于程序没有进行充分地数据验证。本地攻击者可借助特制的HTML页面利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A