Published: 02/10/2013 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Google Chrome prior to 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote malicious users to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome 30.0.1599.6
google chrome 30.0.1599.28
google chrome 30.0.1599.14
google chrome 30.0.1599.0
google chrome 30.0.1599.7
google chrome 30.0.1599.38
google chrome 30.0.1599.31
google chrome 30.0.1599.15
google chrome 30.0.1599.9
google chrome 30.0.1599.42
google chrome
google chrome 30.0.1599.1
google chrome 30.0.1599.4
google chrome 30.0.1599.34
google chrome 30.0.1599.51
google chrome 30.0.1599.18
google chrome 30.0.1599.50
google chrome 30.0.1599.12
google chrome 30.0.1599.5
google chrome 30.0.1599.56
google chrome 30.0.1599.16
google chrome 30.0.1599.44
google chrome 30.0.1599.35
google chrome 30.0.1599.23
google chrome 30.0.1599.13
google chrome 30.0.1599.37
google chrome 30.0.1599.2
google chrome 30.0.1599.20
google chrome 30.0.1599.47
google chrome 30.0.1599.26
google chrome 30.0.1599.19
google chrome 30.0.1599.61
google chrome 30.0.1599.57
google chrome 30.0.1599.22
google chrome 30.0.1599.52
google chrome 30.0.1599.29
google chrome 30.0.1599.24
google chrome 30.0.1599.48
google chrome 30.0.1599.58
google chrome 30.0.1599.43
google chrome 30.0.1599.64
google chrome 30.0.1599.49
google chrome 30.0.1599.60
google chrome 30.0.1599.21
google chrome 30.0.1599.32
google chrome 30.0.1599.17
google chrome 30.0.1599.41
google chrome 30.0.1599.36
google chrome 30.0.1599.25
google chrome 30.0.1599.53
google chrome 30.0.1599.30
google chrome 30.0.1599.40
google chrome 30.0.1599.27
google chrome 30.0.1599.10
google chrome 30.0.1599.11
google chrome 30.0.1599.59
google chrome 30.0.1599.33
google chrome 30.0.1599.8
google chrome 30.0.1599.39

Several vulnerabilities have been discovered in the chromium web browser CVE-2013-2906 Atte Kettunen of OUSPG discovered race conditions in Web Audio CVE-2013-2907 Boris Zbarsky discovered an out-of-bounds read in windowprototype CVE-2013-2908 Chamal de Silva discovered an address bar spoofing issue CVE-2013-2909 Atte Kuttenen ...

NVD-CWE-Other http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html http://www.debian.org/security/2013/dsa-2785 http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html https://src.chromium.org/viewvc/chrome?revision=222146&view=revision https://code.google.com/p/chromium/issues/detail?id=280512 http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18319 https://nvd.nist.gov https://www.debian.org/security/./dsa-2785

CVE-2013-2915

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect