Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
During installation, installed file permissions are set to allow anyone to modify those files.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | * | 83.0.4103.61 (excluding) | |
Red Hat Enterprise Linux 6 Supplementary | RedHat | chromium-browser-0:83.0.4103.97-1.el6_10 | * |
Chromium-browser | Ubuntu | bionic | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Chromium-browser | Ubuntu | xenial | * |