CVE-2017-15387 : Vulnerability Insights and Analysis

Learn about CVE-2017-15387, a vulnerability in Google Chrome's Blink engine allowing remote attackers to exploit Content Security Policy inadequacies. Find mitigation steps here.

Google Chrome prior to version 62.0.3202.62 had a vulnerability in its Blink engine that allowed remote attackers to exploit Content Security Policy implementation inadequacies.

Understanding CVE-2017-15387

A flaw in Google Chrome's Blink engine before version 62.0.3202.62 enabled attackers to misuse Content Security Policy, potentially leading to unauthorized actions.

What is CVE-2017-15387?

This CVE refers to the insufficient enforcement of Content Security Policy in Google Chrome, allowing attackers to open unauthorized javascript: URL windows through a specially crafted HTML page.

The Impact of CVE-2017-15387

The vulnerability could be exploited by remote attackers to execute malicious actions through javascript: URL windows, bypassing security restrictions.

Technical Details of CVE-2017-15387

The vulnerability in the Blink engine of Google Chrome prior to version 62.0.3202.62 has the following technical aspects:

Vulnerability Description

The flaw in the Blink engine allowed attackers to open javascript: URL windows despite security policies prohibiting such actions.

Affected Systems and Versions

        Product: Google Chrome
        Version: prior to 62.0.3202.62

Exploitation Mechanism

Attackers could exploit this vulnerability remotely by using a specially created HTML page to trigger the opening of unauthorized javascript: URL windows.

Mitigation and Prevention

To address CVE-2017-15387, consider the following steps:

Immediate Steps to Take

        Update Google Chrome to version 62.0.3202.62 or later.
        Avoid clicking on suspicious links or visiting untrusted websites.

Long-Term Security Practices

        Regularly update browsers and software to the latest versions.
        Implement and enforce strict Content Security Policies to mitigate similar vulnerabilities.
        Educate users on safe browsing practices and potential risks.

Patching and Updates

Ensure timely installation of security patches and updates provided by Google Chrome to address known vulnerabilities.
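
The following added example, which is not part of the original advisory, finds clients still running a Chrome build older than 62.0.3202.62 by parsing User-Agent strings from web proxy logs. The tab-separated log layout, the sample lines and the function names are assumptions constructed for illustration.

```python
import re

FIXED = (62, 0, 3202, 62)  # first fixed release named in the advisory
# Chrome (including HeadlessChrome) reports "Chrome/<major>.<minor>.<build>.<patch>".
CHROME_RE = re.compile(r"Chrome/(\d+)\.(\d+)\.(\d+)\.(\d+)")


def chrome_version(user_agent):
    """Return the Chrome version in a User-Agent as a 4-tuple of ints, or None."""
    m = CHROME_RE.search(user_agent)
    return tuple(int(p) for p in m.groups()) if m else None


def is_vulnerable(user_agent):
    """True if the User-Agent reports a Chrome build older than the fixed release."""
    # Compare as integer tuples: string comparison would rank "9" above "62".
    v = chrome_version(user_agent)
    return v is not None and v < FIXED


def vulnerable_clients(log_lines):
    """Map each client to the oldest vulnerable Chrome version seen for it.

    Assumed (constructed) log layout: client<TAB>url<TAB>user-agent
    """
    hits = {}
    for line in log_lines:
        parts = line.rstrip("\n").split("\t")
        if len(parts) != 3:
            continue  # skip malformed lines instead of guessing at fields
        client, _url, ua = parts
        if is_vulnerable(ua):
            v = chrome_version(ua)
            hits[client] = min(v, hits.get(client, v))
    return hits


# Constructed sample data; the addresses and URLs are placeholders.
UA_TEMPLATE = "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/{} Safari/537.36"
SAMPLE_LOG = [
    "10.0.0.5\thttps://example.com/\t" + UA_TEMPLATE.format("61.0.3163.100"),
    "10.0.0.5\thttps://example.com/a\t" + UA_TEMPLATE.format("60.0.3112.113"),
    "10.0.0.9\thttps://example.com/\t" + UA_TEMPLATE.format("62.0.3202.62"),
    "10.0.0.12\thttps://example.com/\tMozilla/5.0 (X11; Linux x86_64; rv:56.0) Gecko/20100101 Firefox/56.0",
    "10.0.0.20\thttps://example.com/\t" + UA_TEMPLATE.format("62.0.3202.9"),
]

if __name__ == "__main__":
    for client, v in sorted(vulnerable_clients(SAMPLE_LOG).items()):
        print(client, ".".join(map(str, v)))
```

User-Agent strings are supplied by the client, so treat the result as a lead for inventory follow-up, not as proof of the installed version.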