CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-5197

The content view client in Google Chrome prior to 54.0.2840.85 for Android insufficiently validated intent URLs, which allowed a remote attacker who had compromised the renderer process to start arbitrary activity on the system via a crafted HTML page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/94078
https://chromereleases.googleblog.com/2016/10/chrome-for-android-update_31.html
https://crbug.com/659477
http://www.securityfocus.com/bid/94078
https://chromereleases.googleblog.com/2016/10/chrome-for-android-update_31.html
https://crbug.com/659477

Products affected by CVE-2016-5197

Google » Chrome » Version: 38.0.2125.101

cpe:2.3:a:google:chrome:38.0.2125.101
Google » Chrome » Version: 40.0.2214.109

cpe:2.3:a:google:chrome:40.0.2214.109
Google » Chrome » Version: 40.0.2214.89

cpe:2.3:a:google:chrome:40.0.2214.89
Google » Chrome » Version: 42.0.2311.107

cpe:2.3:a:google:chrome:42.0.2311.107
Google » Chrome » Version: 54.0.2840.68

cpe:2.3:a:google:chrome:54.0.2840.68

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-5197

Products

Pricing

Contact Us