{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-10-01T00:00:00", "descriptions": [{"lang": "en", "value": "Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"}, {"name": "openSUSE-SU-2014:0065", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"}, {"name": "DSA-2785", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2785"}, {"name": "openSUSE-SU-2013:1556", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=265221"}, {"name": "oval:org.mitre.oval:def:18782", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision"}, {"name": "openSUSE-SU-2013:1861", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2013-2908", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"}, {"name": "openSUSE-SU-2014:0065", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"}, {"name": "DSA-2785", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2785"}, {"name": "openSUSE-SU-2013:1556", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=265221", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=265221"}, {"name": "oval:org.mitre.oval:def:18782", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782"}, {"name": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision", "refsource": "CONFIRM", "url": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision"}, {"name": "openSUSE-SU-2013:1861", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:52:21.156Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"}, {"name": "openSUSE-SU-2014:0065", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"}, {"name": "DSA-2785", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2013/dsa-2785"}, {"name": "openSUSE-SU-2013:1556", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=265221"}, {"name": "oval:org.mitre.oval:def:18782", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision"}, {"name": "openSUSE-SU-2013:1861", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2013-2908", "datePublished": "2013-10-02T10:00:00", "dateReserved": "2013-04-11T00:00:00", "dateUpdated": "2024-08-06T15:52:21.156Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "F73746CB-C113-451E-BE0C-6B61D8322146", "versionEndIncluding": "30.0.1599.65", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*", "matchCriteriaId": "718E1E01-2B0A-44B9-949F-070CCCF36DD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*", "matchCriteriaId": "71AA30E4-8385-4262-922E-956A8AA18DBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD763502-1E9D-4385-816F-96B4B2549978", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF230AD1-E787-4068-A37D-883961FB7318", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*", "matchCriteriaId": "BAEEDFA5-8066-44BD-80F0-18292D5AA6D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*", "matchCriteriaId": "5C2D3BE7-9248-4D03-9875-C37294A78D4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*", "matchCriteriaId": "8C2BDF85-1A6F-43B5-A381-E074CB38177B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*", "matchCriteriaId": "46D40261-1858-4167-8E34-D0A71FA70CB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC034B15-750B-40EB-9E26-3692B08CDF2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*", "matchCriteriaId": "B0B230FB-5372-440C-ADBF-6B149B041810", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*", "matchCriteriaId": "2E80F733-B13F-47E7-BECB-9E937FDA4A4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*", "matchCriteriaId": "C7FE68A6-7FEA-420F-BB3C-A4E7BBE080C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*", "matchCriteriaId": "9193F86A-8266-4CD7-A4B8-F3E612FC65D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*", "matchCriteriaId": "DE84119F-DA67-4D2C-81BA-F62B92082C39", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*", "matchCriteriaId": "09FF32A3-D506-4C56-B0D6-3351EBD337A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*", "matchCriteriaId": "A7B4D6B2-4F10-4F7F-9006-6229AA2C2FC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*", "matchCriteriaId": "4B589B35-D68B-49F9-9B8D-FD2AC9EC4FD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*", "matchCriteriaId": "9FD8371A-E961-4E46-BEDD-2050A78F051F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*", "matchCriteriaId": "28FB514A-A808-49B6-A522-97E511531BD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*", "matchCriteriaId": "C74D7FAA-DB5F-4E18-92B2-D1A48523F4EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*", "matchCriteriaId": "CDA19E60-5DE5-49BE-9753-081B4B7F6807", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*", "matchCriteriaId": "7BEDB43F-B3DC-42EA-9674-4028B632725D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*", "matchCriteriaId": "8BA4286F-662A-42D8-8477-BC7F3F096A4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*", "matchCriteriaId": "F3C3B345-844D-4388-8269-AB2585A92D69", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*", "matchCriteriaId": "5129CAF1-6049-4F2F-A46C-60167D84E1D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*", "matchCriteriaId": "7756087F-A847-4905-B7FD-B391145FEE1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*", "matchCriteriaId": "25B4679D-BB38-4294-BBA2-062B1BDC846C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*", "matchCriteriaId": "20DDC53C-9F10-47D9-B7C9-A9B2C583983B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*", "matchCriteriaId": "4AC552FC-DB2D-4A5A-938F-9411A79ACD8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*", "matchCriteriaId": "1C75E089-48A1-42CD-8EFD-9C486561A386", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*", "matchCriteriaId": "853C3ED2-44F5-4565-A352-7DC8CD269DA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*", "matchCriteriaId": "667150C6-719B-4019-A4A2-366D664C8573", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*", "matchCriteriaId": "A53B79F3-8898-4503-B264-476969EE5F4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*", "matchCriteriaId": "8D93EF3E-28EA-4B53-B7CE-CCB337E20B9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*", "matchCriteriaId": "B36D53E0-0A1C-44E4-A770-2022353540CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*", "matchCriteriaId": "728BAF5E-3F6A-4C62-BFED-FDBF78E9D058", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*", "matchCriteriaId": "E63BB3E8-CE3A-434F-8A53-1888F5F21314", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*", "matchCriteriaId": "74CB79B1-69F8-46EA-84DF-3CEFB749391B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*", "matchCriteriaId": "B3CF1250-19E0-40B7-BEAB-25DCEA625C78", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*", "matchCriteriaId": "CD21BECA-03E6-4209-B4FE-14FEE61C32F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*", "matchCriteriaId": "26577D56-EA0A-478D-94DB-4AAC3BF7DA04", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*", "matchCriteriaId": "208D2727-C33A-4C29-A8E5-5EA8258F4AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*", "matchCriteriaId": "C9BE1044-C2B3-4BA1-8825-FBE6E69AE742", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*", "matchCriteriaId": "02141842-3F25-4244-B4F2-AA1B1C18469A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*", "matchCriteriaId": "63EA0BFF-552C-4B89-8942-79A6B3F09B68", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*", "matchCriteriaId": "EBC8B17C-5E37-4D48-A701-F0C1E055307E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*", "matchCriteriaId": "E6311079-3A55-4015-A791-0940664BD4F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*", "matchCriteriaId": "5F691767-D50F-4F6D-AB4E-D3B943CA409A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*", "matchCriteriaId": "03538477-6FEE-4FD2-902A-159444254CA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*", "matchCriteriaId": "1839A59A-F426-428F-9ABA-7D1133A207EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*", "matchCriteriaId": "A1C14BBA-1E71-4359-9616-AFD4787255E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*", "matchCriteriaId": "B1E80643-F04A-41C0-A669-84B0D7ECF1D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*", "matchCriteriaId": "82DDBFE7-88B0-4489-845B-6DF03393FFAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*", "matchCriteriaId": "70CDD9F0-E0A0-42B5-B974-811BCF86FBF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*", "matchCriteriaId": "DD62E41E-C6E8-4D85-B72E-D737139506C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*", "matchCriteriaId": "CAC3A02F-7C0C-48CB-BA72-ECE286EFE0AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*", "matchCriteriaId": "C2098B5F-B3D1-4EA9-BF6C-DAACDA14FB92", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*", "matchCriteriaId": "5555B49F-973C-48AB-A4C4-A03EC3726E6B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code."}, {"lang": "es", "value": "Google Chrome anterior a la versi\u00f3n 30.0.1599.66 usa llamadas a funciones incorrectas para determinar los valores de objetos NavigationEntry, lo que permite a atacantes remotos falsificar la barra de direcciones a trav\u00e9s de vectores que involucren una respuesta con un c\u00f3digo de estado 204 (aka No Content)."}], "id": "CVE-2013-2908", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-10-02T10:35:35.057", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2013/dsa-2785"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=265221"}, {"source": "chrome-cve-admin@google.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782"}, {"source": "chrome-cve-admin@google.com", "url": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2785"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=265221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://src.chromium.org/viewvc/chrome?revision=217485&view=revision"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}