CVE-2014-3160 in Chromeinformazioni

Riassunto

di MITRE

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Prenotare

03/05/2014

Divulgazione

20/07/2014

Moderazione

accettato

CPE

pronto

EPSS

0.01343

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!