BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.
BROWSER-CHROME Google Chrome Crankshaft type confusion attempt
This event is generated when an attacker attempts to exploit a type confusion vulnerability present in the Google Chrome Crankshaft engine.
Attempted User Privilege Gain
Rule checks for attempts to exploit a type confusion vulnerability present in the Google Chrome Crankshaft engine.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2017-5070Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
||Ease of Access||