BROWSER-CHROME -- Snort has detected suspicious traffic known to exploit vulnerabilities present in the Chrome browser. These rules are separate from the "browser-webkit" category; while it uses the Webkit rendering engine, there's a lot of other features to create a secondary Chrome category.
BROWSER-CHROME Google Chrome Javascript V8 Array.includes information leak attempt
This event is generated when an attempt to exploit Google Chrome via CVE-2017-5040 is detected. Impact: Attempted User Privilege Gain Details: A vulnerability exists in Google Chrome Browser's Javascript V8 engine. It is possible to craft Javascript in such a way that when calling Array.includes, properties of the array can be changed, and certain values in memory can be disclosed to the user. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2017-5040 |
Loading description
|