Published: 10/07/2013 Updated: 07/11/2023

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Google Chrome prior to 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote malicious users to conduct phishing attacks via a crafted web site.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 28.0.1500.68
google chrome 28.0.1500.26
google chrome 28.0.1500.31
google chrome 28.0.1500.0
google chrome 28.0.1500.33
google chrome 28.0.1500.29
google chrome 28.0.1500.25
google chrome 28.0.1500.66
google chrome 28.0.1500.41
google chrome 28.0.1500.12
google chrome 28.0.1500.13
google chrome 28.0.1500.62
google chrome 28.0.1500.20
google chrome 28.0.1500.39
google chrome 28.0.1500.60
google chrome 28.0.1500.15
google chrome 28.0.1500.59
google chrome 28.0.1500.23
google chrome 28.0.1500.45
google chrome 28.0.1500.43
google chrome 28.0.1500.40
google chrome 28.0.1500.3
google chrome 28.0.1500.52
google chrome 28.0.1500.34
google chrome 28.0.1500.46
google chrome 28.0.1500.8
google chrome 28.0.1500.63
google chrome 28.0.1500.53
google chrome 28.0.1500.4
google chrome 28.0.1500.36
google chrome 28.0.1500.44
google chrome 28.0.1500.51
google chrome 28.0.1500.19
google chrome 28.0.1500.2
google chrome 28.0.1500.50
google chrome 28.0.1500.56
google chrome 28.0.1500.54
google chrome 28.0.1500.18
google chrome 28.0.1500.27
google chrome 28.0.1500.21
google chrome 28.0.1500.14
google chrome 28.0.1500.9
google chrome 28.0.1500.16
google chrome 28.0.1500.37
google chrome 28.0.1500.6
google chrome 28.0.1500.47
google chrome 28.0.1500.42
google chrome 28.0.1500.11
google chrome 28.0.1500.17
google chrome 28.0.1500.28
google chrome 28.0.1500.49
google chrome 28.0.1500.35
google chrome 28.0.1500.61
google chrome 28.0.1500.48
google chrome 28.0.1500.22
google chrome 28.0.1500.64
google chrome 28.0.1500.24
google chrome 28.0.1500.58
google chrome 28.0.1500.10
google chrome 28.0.1500.32
google chrome
google chrome 28.0.1500.5
google chrome 28.0.1500.38
debian debian linux 7.0

Several vulnerabilities have been discovered in the Chromium web browser CVE-2013-2853 The HTTPS implementation does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline) CVE-2013-2867 Chrome does not properly prevent pop-under windows CVE-2013-2868 common/extensions/sync_helper ...

CWE-200 http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=8a8eb83276778c9fbcf9ebcd4436077269b73074 https://code.google.com/p/chromium/issues/detail?id=252062 http://www.debian.org/security/2013/dsa-2724 http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=f0aa298677a1afb9a40b36e32bc9c4d9b4861eac https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17177 http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html https://www.debian.org/security/./dsa-2724 https://nvd.nist.gov

CVE-2013-2879

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect