CVE-2016-5220 - CVE Vulnerability

PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file. (CVSS:4.3) (Last Update:2017-01-20)

Vulnerability Details : PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to read local files via a crafted PDF file. Publish Date : 2017-01-19 Last Update Date : 2017-01-20 - CVSS Scores & Vulnerability Types CVSS Score 4.3 Confidentiality Impact Partial(There is considerable informational disclosure.) Integrity Impact None(There is no impact to the integrity of the system) Availability Impact None(There is no impact to the availability of the system.) Access Complexity Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit) Authentication Not required(Authentication is not required to exploit the vulnerability.) Gained Access None Vulnerability Type(s) Obtain Information CWE ID 200 - Products Affected By CVE-2016-5220 # Product Type Vendor Product Version Update Edition Language 1 Application Google Chrome 54.0.2840.99 Version Details Vulnerabilities - Number Of Affected Versions By Product Vendor Product Vulnerable Versions Google Chrome 1 - References For CVE-2016-5220 https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html CONFIRM http://www.securityfocus.com/bid/94633 BID 94633 Google Chrome Prior to 55.0.2883.75 Multiple Security Vulnerabilities Release Date:2016-12-06 https://crbug.com/654279 CONFIRM

- Metasploit Modules Related To CVE-2016-5220 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)