NVD

Id
18044  
Name
CVE-2016-1694  
Description
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP pins during cache clearing, which makes it easier for remote attackers to spoof web sites via a valid certificate from an arbitrary recognized Certification Authority.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-06-05  
Modified Date
2016-11-28  
Seq
2016-1694  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
99249 18044 CVE-2016-1694 http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html  View
99250 18044 CVE-2016-1694 openSUSE-SU-2016:1430  View
99251 18044 CVE-2016-1694 openSUSE-SU-2016:1433  View
99252 18044 CVE-2016-1694 openSUSE-SU-2016:1496  View
99253 18044 CVE-2016-1694 DSA-3590  View
99254 18044 CVE-2016-1694 90876  View
99255 18044 CVE-2016-1694 1035981  View
99256 18044 CVE-2016-1694 RHSA-2016:1190  View
99257 18044 CVE-2016-1694 https://codereview.chromium.org/1941073002  View
99258 18044 CVE-2016-1694 https://crbug.com/603682  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
2266 JVNDB-2016-003039 Google Chrome の browser/browsing_data/browsing_data_remover.cc における Web サイトを偽装される脆弱性 Google Chrome の browser/browsing_data/browsing_data_remover.cc は、キャッシュをクリアする際に HPKP ピンを削除するため、Web サイトを偽装される脆弱性が存在します。 CVE-2016-1694 88200 CVE-2016-1694 18044 4.3 5.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003039.html 2016-05-25 2016-08-31 View