Endpoint Vulnerability

Security Vulnerability CVE-2016-1625 for Google Chrome

Description

The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page (NTP) navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instant_service.cc and search_tab_helper.cc.

Affected Products

Google Chrome

References

CVE-2016-1625,