Endpoint Vulnerability

Security Vulnerability CVE-2016-5134 for Google Chrome

Description

net/proxy/proxy_service.cc in the Proxy Auto-Config (PAC) feature in Google Chrome before 52.0.2743.82 does not ensure that URL information is restricted to a scheme, host, and port, which allows remote attackers to discover credentials by operating a server with a PAC script, a related issue to CVE-2016-3763.

Affected Products

Google Chrome

References

CVE-2016-5134,