Lucene search

ChromeCVE-2013-2915

HistoryOct 02, 2013 - 10:35 a.m.

CVE-2013-2915

2013-10-0210:35:35

Chrome

web.nvd.nist.gov

cve-2013-2915

google chrome

security vulnerability

spoofing

remote attack

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

Affected configurations

Nvd

Node

googlechromeRange≤30.0.1599.65

googlechromeMatch30.0.1599.0

googlechromeMatch30.0.1599.1

googlechromeMatch30.0.1599.2

googlechromeMatch30.0.1599.4

googlechromeMatch30.0.1599.5

googlechromeMatch30.0.1599.6

googlechromeMatch30.0.1599.7

googlechromeMatch30.0.1599.8

googlechromeMatch30.0.1599.9

googlechromeMatch30.0.1599.10

googlechromeMatch30.0.1599.11

googlechromeMatch30.0.1599.12

googlechromeMatch30.0.1599.13

googlechromeMatch30.0.1599.14

googlechromeMatch30.0.1599.15

googlechromeMatch30.0.1599.16

googlechromeMatch30.0.1599.17

googlechromeMatch30.0.1599.18

googlechromeMatch30.0.1599.19

googlechromeMatch30.0.1599.20

googlechromeMatch30.0.1599.21

googlechromeMatch30.0.1599.22

googlechromeMatch30.0.1599.23

googlechromeMatch30.0.1599.24

googlechromeMatch30.0.1599.25

googlechromeMatch30.0.1599.26

googlechromeMatch30.0.1599.27

googlechromeMatch30.0.1599.28

googlechromeMatch30.0.1599.29

googlechromeMatch30.0.1599.30

googlechromeMatch30.0.1599.31

googlechromeMatch30.0.1599.32

googlechromeMatch30.0.1599.33

googlechromeMatch30.0.1599.34

googlechromeMatch30.0.1599.35

googlechromeMatch30.0.1599.36

googlechromeMatch30.0.1599.37

googlechromeMatch30.0.1599.38

googlechromeMatch30.0.1599.39

googlechromeMatch30.0.1599.40

googlechromeMatch30.0.1599.41

googlechromeMatch30.0.1599.42

googlechromeMatch30.0.1599.43

googlechromeMatch30.0.1599.44

googlechromeMatch30.0.1599.47

googlechromeMatch30.0.1599.48

googlechromeMatch30.0.1599.49

googlechromeMatch30.0.1599.50

googlechromeMatch30.0.1599.51

googlechromeMatch30.0.1599.52

googlechromeMatch30.0.1599.53

googlechromeMatch30.0.1599.56

googlechromeMatch30.0.1599.57

googlechromeMatch30.0.1599.58

googlechromeMatch30.0.1599.59

googlechromeMatch30.0.1599.60

googlechromeMatch30.0.1599.61

googlechromeMatch30.0.1599.64

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
googlechrome30.0.1599.0cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*
googlechrome30.0.1599.1cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*
googlechrome30.0.1599.2cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*
googlechrome30.0.1599.4cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*
googlechrome30.0.1599.5cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*
googlechrome30.0.1599.6cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*
googlechrome30.0.1599.7cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*
googlechrome30.0.1599.8cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*
googlechrome30.0.1599.9cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::
google	chrome	30.0.1599.0	cpe:2.3:a:google:chrome:30.0.1599.0:::::::*
google	chrome	30.0.1599.1	cpe:2.3:a:google:chrome:30.0.1599.1:::::::*
google	chrome	30.0.1599.2	cpe:2.3:a:google:chrome:30.0.1599.2:::::::*
google	chrome	30.0.1599.4	cpe:2.3:a:google:chrome:30.0.1599.4:::::::*
google	chrome	30.0.1599.5	cpe:2.3:a:google:chrome:30.0.1599.5:::::::*
google	chrome	30.0.1599.6	cpe:2.3:a:google:chrome:30.0.1599.6:::::::*
google	chrome	30.0.1599.7	cpe:2.3:a:google:chrome:30.0.1599.7:::::::*
google	chrome	30.0.1599.8	cpe:2.3:a:google:chrome:30.0.1599.8:::::::*
google	chrome	30.0.1599.9	cpe:2.3:a:google:chrome:30.0.1599.9:::::::*