The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome prior to 32.0.1700.76 on Windows and prior to 32.0.1700.77 on Mac OS X and Linux allows malicious users to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |
||
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |