NVD

Id
41554  
Name
CVE-2013-6626  
Description
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-11-13  
Modified Date
2014-03-05  
Seq
2013-6626  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
210062 41554 CVE-2013-6626 http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html  View
210063 41554 CVE-2013-6626 openSUSE-SU-2013:1776  View
210064 41554 CVE-2013-6626 openSUSE-SU-2013:1777  View
210065 41554 CVE-2013-6626 openSUSE-SU-2013:1861  View
210066 41554 CVE-2013-6626 openSUSE-SU-2014:0065  View
210067 41554 CVE-2013-6626 oval:org.mitre.oval:def:18401  View
210068 41554 CVE-2013-6626 DSA-2799  View
210069 41554 CVE-2013-6626 https://code.google.com/p/chromium/issues/detail?id=295695  View
210070 41554 CVE-2013-6626 https://src.chromium.org/viewvc/chrome?revision=225026&view=revision  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23542 JVNDB-2013-005117 Google Chrome の content/browser/web_contents/web_contents_impl.cc におけるアドレスバーを偽装される脆弱性 Google Chrome の content/browser/web_contents/web_contents_impl.cc の WebContentsImpl::AttachInterstitialPage 関数は、インタースティシャル警告 (interstitial warning) を生成する際に JavaScript ダイアログをキャンセルしないため、アドレスバーを偽装される脆弱性が存在します。 CVE-2013-6626 66568 CVE-2013-6626 41554 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005117.html 2013-11-12 2013-11-15 View