Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2013-10-02T10:00:00
Updated: 2024-08-06T15:52:21.203Z
Reserved: 2013-04-11T00:00:00
Link: CVE-2013-2915
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-10-02T10:35:35.180
Modified: 2023-11-07T02:15:41.487
Link: CVE-2013-2915
Redhat
No data.