Published: 16/01/2014 Updated: 26/08/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The OneClickSigninBubbleView::WindowClosing function in browser/ui/views/sync/one_click_signin_bubble_view.cc in Google Chrome prior to 32.0.1700.76 on Windows and prior to 32.0.1700.77 on Mac OS X and Linux allows malicious users to trigger a sync with an arbitrary Google account by leveraging improper handling of the closing of an untrusted signin confirm dialog.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google chrome
opensuse opensuse 12.3
opensuse opensuse 13.1
debian debian linux 8.0
debian debian linux 7.0

Several vulnerabilities have been discovered in the chromium web browser CVE-2013-6641 Atte Kettunen discovered a use-after-free issue in Blink/Webkit form elements CVE-2013-6643 Joao Lucas Melo Brasio discovered a Google account information disclosure issue related to the one-click sign-on feature CVE-2013-6644 The chrome d ...

CWE-287 https://src.chromium.org/viewvc/chrome?revision=237115&view=revision https://code.google.com/p/chromium/issues/detail?id=321940 http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html http://www.debian.org/security/2014/dsa-2862 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00008.html https://nvd.nist.gov https://www.debian.org/security/./dsa-2862

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6643

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect