CVE-2014-3160 in ChromeИнформация

Сводка

по MITRE

The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Резервировать

03.05.2014

Раскрытие

20.07.2014

Модерация

принято

Вход

VDB-67174

EPSS

0.01343

KEV

Нет

Деятельности

Очень низкий

Источники

Do you want to use VulDB in your project?

Use the official API to access entries easily!