Описание
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 31.0.1650.63-0ubuntu1~20131204.1 |
| lucid | ignored | end of life |
| precise | released | 31.0.1650.63-0ubuntu0.12.04.1~20131204.1 |
| quantal | released | 31.0.1650.63-0ubuntu0.12.10.1~20131204.1 |
| raring | released | 31.0.1650.63-0ubuntu0.13.04.1~20131204.1 |
| saucy | released | 31.0.1650.63-0ubuntu0.13.10.1~20131204.1 |
| upstream | released | 31.0.1650.48 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site.
The WebContentsImpl::AttachInterstitialPage function in content/browse ...
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site.
EPSS
4.3 Medium
CVSS2