CVE-2017-5042
First published: Mon Apr 24 2017(Updated: )
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent.
Credit: cve-coordination@google.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome | <=57.0.2987.75 | |
| Apple macOS | ||
| Linux Linux kernel | ||
| Microsoft Windows | ||
| Google Chrome | <=57.0.2987.100 | |
| Google Android | ||
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 |
Remedy
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/event
- agent/type
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google chrome
- version/google chrome/57.0.2987.75
- vendor/apple
- canonical/apple macos
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows
- version/google chrome/57.0.2987.100
- canonical/google android
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0