extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Chrome
Published: 2014-08-27T01:00:00
Updated: 2024-08-06T10:35:56.627Z
Reserved: 2014-05-03T00:00:00
Link: CVE-2014-3170
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-08-27T01:55:05.523
Modified: 2023-11-07T02:19:51.103
Link: CVE-2014-3170
Redhat
No data.