CVE Vulnerabilities

CVE-2014-3170

Published: Aug 27, 2014 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a ‘0’ character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.

Affected Software

Name Vendor Start Version End Version
Chrome Google 37.0.2062.0 37.0.2062.0
Chrome Google 37.0.2062.1 37.0.2062.1
Chrome Google 37.0.2062.2 37.0.2062.2
Chrome Google 37.0.2062.3 37.0.2062.3
Chrome Google 37.0.2062.4 37.0.2062.4
Chrome Google 37.0.2062.5 37.0.2062.5
Chrome Google 37.0.2062.6 37.0.2062.6
Chrome Google 37.0.2062.7 37.0.2062.7
Chrome Google 37.0.2062.8 37.0.2062.8
Chrome Google 37.0.2062.9 37.0.2062.9
Chrome Google 37.0.2062.10 37.0.2062.10
Chrome Google 37.0.2062.11 37.0.2062.11
Chrome Google 37.0.2062.12 37.0.2062.12
Chrome Google 37.0.2062.13 37.0.2062.13
Chrome Google 37.0.2062.14 37.0.2062.14
Chrome Google 37.0.2062.15 37.0.2062.15
Chrome Google 37.0.2062.16 37.0.2062.16
Chrome Google 37.0.2062.17 37.0.2062.17
Chrome Google 37.0.2062.18 37.0.2062.18
Chrome Google 37.0.2062.19 37.0.2062.19
Chrome Google 37.0.2062.20 37.0.2062.20
Chrome Google 37.0.2062.21 37.0.2062.21
Chrome Google 37.0.2062.22 37.0.2062.22
Chrome Google 37.0.2062.23 37.0.2062.23
Chrome Google 37.0.2062.24 37.0.2062.24
Chrome Google 37.0.2062.25 37.0.2062.25
Chrome Google 37.0.2062.26 37.0.2062.26
Chrome Google 37.0.2062.27 37.0.2062.27
Chrome Google 37.0.2062.28 37.0.2062.28
Chrome Google 37.0.2062.29 37.0.2062.29
Chrome Google 37.0.2062.30 37.0.2062.30
Chrome Google 37.0.2062.31 37.0.2062.31
Chrome Google 37.0.2062.32 37.0.2062.32
Chrome Google 37.0.2062.33 37.0.2062.33
Chrome Google 37.0.2062.34 37.0.2062.34
Chrome Google 37.0.2062.35 37.0.2062.35
Chrome Google 37.0.2062.36 37.0.2062.36
Chrome Google 37.0.2062.37 37.0.2062.37
Chrome Google 37.0.2062.39 37.0.2062.39
Chrome Google 37.0.2062.43 37.0.2062.43
Chrome Google 37.0.2062.44 37.0.2062.44
Chrome Google 37.0.2062.45 37.0.2062.45
Chrome Google 37.0.2062.46 37.0.2062.46
Chrome Google 37.0.2062.47 37.0.2062.47
Chrome Google 37.0.2062.48 37.0.2062.48
Chrome Google 37.0.2062.49 37.0.2062.49
Chrome Google 37.0.2062.50 37.0.2062.50
Chrome Google 37.0.2062.51 37.0.2062.51
Chrome Google 37.0.2062.52 37.0.2062.52
Chrome Google 37.0.2062.53 37.0.2062.53
Chrome Google 37.0.2062.54 37.0.2062.54
Chrome Google 37.0.2062.55 37.0.2062.55
Chrome Google 37.0.2062.56 37.0.2062.56
Chrome Google 37.0.2062.57 37.0.2062.57
Chrome Google 37.0.2062.58 37.0.2062.58
Chrome Google 37.0.2062.59 37.0.2062.59
Chrome Google 37.0.2062.60 37.0.2062.60
Chrome Google 37.0.2062.61 37.0.2062.61
Chrome Google 37.0.2062.62 37.0.2062.62
Chrome Google 37.0.2062.63 37.0.2062.63
Chrome Google 37.0.2062.64 37.0.2062.64
Chrome Google 37.0.2062.65 37.0.2062.65
Chrome Google 37.0.2062.66 37.0.2062.66
Chrome Google 37.0.2062.67 37.0.2062.67
Chrome Google 37.0.2062.68 37.0.2062.68
Chrome Google 37.0.2062.69 37.0.2062.69
Chrome Google 37.0.2062.70 37.0.2062.70
Chrome Google 37.0.2062.71 37.0.2062.71
Chrome Google 37.0.2062.72 37.0.2062.72
Chrome Google 37.0.2062.73 37.0.2062.73
Chrome Google 37.0.2062.74 37.0.2062.74
Chrome Google 37.0.2062.75 37.0.2062.75
Chrome Google 37.0.2062.76 37.0.2062.76
Chrome Google 37.0.2062.77 37.0.2062.77
Chrome Google 37.0.2062.78 37.0.2062.78
Chrome Google 37.0.2062.80 37.0.2062.80
Chrome Google 37.0.2062.81 37.0.2062.81
Chrome Google 37.0.2062.89 37.0.2062.89
Chrome Google 37.0.2062.90 37.0.2062.90
Chrome Google 37.0.2062.91 37.0.2062.91
Chrome Google 37.0.2062.92 37.0.2062.92
Chrome Google * 37.0.2062.93
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu trusty *
Chromium-browser Ubuntu upstream *

References