CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
86.2%
The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file.
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | 7.0 | cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* |
debian | debian_linux | 8.0 | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
chrome | 36.0.1985.1 | cpe:2.3:a:google:chrome:36.0.1985.1:*:*:*:*:*:*:* | |
chrome | 36.0.1985.2 | cpe:2.3:a:google:chrome:36.0.1985.2:*:*:*:*:*:*:* | |
chrome | 36.0.1985.3 | cpe:2.3:a:google:chrome:36.0.1985.3:*:*:*:*:*:*:* | |
chrome | 36.0.1985.4 | cpe:2.3:a:google:chrome:36.0.1985.4:*:*:*:*:*:*:* | |
chrome | 36.0.1985.5 | cpe:2.3:a:google:chrome:36.0.1985.5:*:*:*:*:*:*:* | |
chrome | 36.0.1985.6 | cpe:2.3:a:google:chrome:36.0.1985.6:*:*:*:*:*:*:* | |
chrome | 36.0.1985.8 | cpe:2.3:a:google:chrome:36.0.1985.8:*:*:*:*:*:*:* | |
chrome | 36.0.1985.12 | cpe:2.3:a:google:chrome:36.0.1985.12:*:*:*:*:*:*:* |
googlechromereleases.blogspot.com/2014/07/stable-channel-update.html
secunia.com/advisories/60061
secunia.com/advisories/60372
security.gentoo.org/glsa/glsa-201408-16.xml
www.debian.org/security/2014/dsa-3039
www.securityfocus.com/bid/68677
code.google.com/p/chromium/issues/detail?id=380885
src.chromium.org/viewvc/blink?revision=176084&view=revision