Endpoint Vulnerability

Security Vulnerability CVE-2016-1707 for Google Chrome

Description

ios/web/web_state/ui/crw_web_controller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site.

Affected Products

Google Chrome

References

CVE-2016-1707,