Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2013-10-02T10:00:00
Updated: 2024-08-06T15:52:21.156Z
Reserved: 2013-04-11T00:00:00
Link: CVE-2013-2908
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-10-02T10:35:35.057
Modified: 2023-11-07T02:15:38.620
Link: CVE-2013-2908
Redhat
No data.