6.4
CVSSv2

CVE-2014-3159

Published: 20/07/2014 Updated: 07/11/2023
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Summary

The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome prior to 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote malicious users to spoof the URL in the Omnibox via unspecified vectors.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

google chrome 36.0.1985.1

google chrome 36.0.1985.2

google chrome 36.0.1985.3

google chrome 36.0.1985.4

google chrome 36.0.1985.5

google chrome 36.0.1985.6

google chrome 36.0.1985.8

google chrome 36.0.1985.12

google chrome 36.0.1985.13

google chrome 36.0.1985.14

google chrome 36.0.1985.15

google chrome 36.0.1985.16

google chrome 36.0.1985.17

google chrome 36.0.1985.18

google chrome 36.0.1985.19

google chrome 36.0.1985.20

google chrome 36.0.1985.21

google chrome 36.0.1985.22

google chrome 36.0.1985.23

google chrome 36.0.1985.24

google chrome 36.0.1985.25

google chrome 36.0.1985.26

google chrome 36.0.1985.27

google chrome 36.0.1985.28

google chrome 36.0.1985.29

google chrome 36.0.1985.30

google chrome 36.0.1985.31

google chrome 36.0.1985.32

google chrome 36.0.1985.33

google chrome 36.0.1985.34

google chrome 36.0.1985.35

google chrome 36.0.1985.36

google chrome 36.0.1985.37

google chrome 36.0.1985.38

google chrome 36.0.1985.39

google chrome 36.0.1985.40

google chrome 36.0.1985.41

google chrome 36.0.1985.42

google chrome 36.0.1985.43

google chrome 36.0.1985.44

google chrome 36.0.1985.45

google chrome 36.0.1985.46

google chrome 36.0.1985.47

google chrome 36.0.1985.48

google chrome 36.0.1985.49

google chrome 36.0.1985.50

google chrome 36.0.1985.51

google chrome 36.0.1985.52

google chrome 36.0.1985.53

google chrome 36.0.1985.54

google chrome 36.0.1985.55

google chrome 36.0.1985.56

google chrome 36.0.1985.57

google chrome 36.0.1985.58

google chrome 36.0.1985.59

google chrome 36.0.1985.60

google chrome 36.0.1985.61

google chrome 36.0.1985.62

google chrome 36.0.1985.63

google chrome 36.0.1985.64

google chrome 36.0.1985.65

google chrome 36.0.1985.66

google chrome 36.0.1985.67

google chrome 36.0.1985.68

google chrome 36.0.1985.69

google chrome 36.0.1985.70

google chrome 36.0.1985.72

google chrome 36.0.1985.73

google chrome 36.0.1985.74

google chrome 36.0.1985.75

google chrome 36.0.1985.76

google chrome 36.0.1985.77

google chrome 36.0.1985.78

google chrome 36.0.1985.79

google chrome 36.0.1985.81

google chrome 36.0.1985.82

google chrome 36.0.1985.83

google chrome 36.0.1985.84

google chrome 36.0.1985.85

google chrome 36.0.1985.86

google chrome 36.0.1985.87

google chrome 36.0.1985.88

google chrome 36.0.1985.89

google chrome 36.0.1985.90

google chrome 36.0.1985.91

google chrome 36.0.1985.92

google chrome 36.0.1985.93

google chrome 36.0.1985.94

google chrome 36.0.1985.95

google chrome 36.0.1985.96

google chrome 36.0.1985.97

google chrome 36.0.1985.98

google chrome 36.0.1985.99

google chrome 36.0.1985.100

google chrome 36.0.1985.101

google chrome 36.0.1985.102

google chrome 36.0.1985.103

google chrome 36.0.1985.104

google chrome 36.0.1985.105

Github Repositories

for test attack

seungminaaagithubio for test attack xhtml, attackhtml is for cve-2019-13742 contenthtml is for cve-2019-13749 spoofhtml is for cve-2016-1707 repro1html, repro2html is for cve-2014-3159 spoof2html is for cve-2020-6827