Описание
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 28.0.1500.71-0ubuntu1.13.10.1 |
| lucid | ignored | end of life |
| precise | released | 28.0.1500.71-0ubuntu1.12.04.1 |
| quantal | released | 28.0.1500.71-0ubuntu1.12.10.1 |
| raring | released | 28.0.1500.71-0ubuntu1.13.04.1 |
| upstream | released | 28.0.1500.71 |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
Связанные уязвимости
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ...
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.
6.8 Medium
CVSS2