Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | * | 78.0.3904.70 (excluding) | |
Red Hat Enterprise Linux 6 Supplementary | RedHat | chromium-browser-0:78.0.3904.70-1.el6_10 | * |
Chromium-browser | Ubuntu | bionic | * |
Chromium-browser | Ubuntu | devel | * |
Chromium-browser | Ubuntu | disco | * |
Chromium-browser | Ubuntu | eoan | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Chromium-browser | Ubuntu | xenial | * |