Oval Definition:oval:org.opensuse.security:def:20175120
Revision Date:2022-06-30Version:1
Title:CVE-2017-5120
Description:

Inappropriate use of www mismatch redirects in browser navigation in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for Android, allowed a remote attacker to potentially downgrade HTTPS requests to HTTP via a crafted HTML page. In other words, Chrome could transmit cleartext even though the user had entered an https URL, because of a misdesigned workaround for cases where the domain name in a URL almost matches the domain name in an X.509 server certificate (but differs in the initial "www." substring).
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-5120
openSUSE-SU-2017:2482-1
openSUSE-SU-2017:2491-1
Mitre CVE-2017-5120
SUSE CVE-2017-5120
openSUSE-SU-2017:2482-1
openSUSE-SU-2017:2491-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap 42.2
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • chromedriver-61.0.3163.79-104.24.1 is installed
  • AND chromedriver is signed with openSUSE key
  • OR
  • chromium-61.0.3163.79-104.24.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • chromedriver-61.0.3163.79-110 is installed
  • AND chromedriver is signed with openSUSE key
  • OR
  • chromium-61.0.3163.79-110 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP2 is installed
  • AND Package Information
  • chromedriver-61.0.3163.79-29 is installed
  • OR chromium-61.0.3163.79-29 is installed
    • Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • chromium-66.0.3359.170-lp150.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • chromedriver-93.0.4577.82-1.1 is installed
  • OR chromium-93.0.4577.82-1.1 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 SP2 is installed
  • AND Package Information
  • chromedriver-61.0.3163.79-29.1 is installed
  • OR chromium-61.0.3163.79-29.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • chromium-90.0.4430.212-bp153.1.1 is installed
  • AND chromium is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • chromium-101.0.4951.64-bp154.1.2 is installed
  • AND chromium is signed with openSUSE key
    • BACK