Information disclosure vulnerability in SpeechInput feature in Blink in Google Chrome (rpm)ID: oval:org.secpod.oval:def:19742 | Date: (C)2014-06-08 (M)2023-11-16 |
Class: VULNERABILITY | Family: unix |
The host is installed with Google Chrome before 35.0.1916.114 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle an INPUT element with a -x-webkit-speech attribute. Successful exploitation could allow attackers to enable microphone access and obtain speech-recognition text.