The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome prior to 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote malicious users to spoof URLs via crafted use of right-to-left (RTL) Unicode text.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |