CVE-2016-5208

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 55.0.2883.75 for Linux and Windows Google Chrome versions prior to 55.0.2883.84 for Android Opera (affected versions not specified)

Description The issue exists due to the lack of protection for the web page structure in the Blink component. A remote attacker can exploit this by using a specially crafted HTML page to obtain information about the integration platform and operating system. The vulnerability allows for possible corruption of the DOM tree during synchronous event handling, enabling a remote attacker to inject arbitrary scripts or HTML.

Recommendations For Google Chrome versions prior to 55.0.2883.75 on Linux and Windows, update to version 55.0.2883.75 or later. For Google Chrome versions prior to 55.0.2883.84 on Android, update to version 55.0.2883.84 or later. For Opera, at the moment, there is no information about a newer version that contains a fix for this vulnerability.