Inappropriate symlink handling and a race condition in the stateful recovery feature implementation could lead to a persistance established by a malicious code running with root privileges in cryptohomed in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2019-01-09T19:00:00
Updated: 2024-08-05T19:57:25.933Z
Reserved: 2017-10-17T00:00:00
Link: CVE-2017-15405
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-01-09T19:29:00.917
Modified: 2023-11-07T02:39:42.267
Link: CVE-2017-15405
Redhat
No data.