CVE-2014-3160 in Chromeinfo

Zusammenfassung

von MITRE

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

03.05.2014

Veröffentlichung

20.07.2014

Moderieren

akzeptiert

Eintrag

VDB-67174

CPE

bereit

EPSS

0.01343

KEV

nein

Aktivitäten

very low

Quellen

Do you need the next level of professionalism?

Upgrade your account now!