CVE Vulnerabilities

CVE-2014-3170

Published: Aug 27, 2014 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.4 MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a 0 character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 37.0.2062.93 (including)
Chrome Google 37.0.2062.0 (including) 37.0.2062.0 (including)
Chrome Google 37.0.2062.1 (including) 37.0.2062.1 (including)
Chrome Google 37.0.2062.2 (including) 37.0.2062.2 (including)
Chrome Google 37.0.2062.3 (including) 37.0.2062.3 (including)
Chrome Google 37.0.2062.4 (including) 37.0.2062.4 (including)
Chrome Google 37.0.2062.5 (including) 37.0.2062.5 (including)
Chrome Google 37.0.2062.6 (including) 37.0.2062.6 (including)
Chrome Google 37.0.2062.7 (including) 37.0.2062.7 (including)
Chrome Google 37.0.2062.8 (including) 37.0.2062.8 (including)
Chrome Google 37.0.2062.9 (including) 37.0.2062.9 (including)
Chrome Google 37.0.2062.10 (including) 37.0.2062.10 (including)
Chrome Google 37.0.2062.11 (including) 37.0.2062.11 (including)
Chrome Google 37.0.2062.12 (including) 37.0.2062.12 (including)
Chrome Google 37.0.2062.13 (including) 37.0.2062.13 (including)
Chrome Google 37.0.2062.14 (including) 37.0.2062.14 (including)
Chrome Google 37.0.2062.15 (including) 37.0.2062.15 (including)
Chrome Google 37.0.2062.16 (including) 37.0.2062.16 (including)
Chrome Google 37.0.2062.17 (including) 37.0.2062.17 (including)
Chrome Google 37.0.2062.18 (including) 37.0.2062.18 (including)
Chrome Google 37.0.2062.19 (including) 37.0.2062.19 (including)
Chrome Google 37.0.2062.20 (including) 37.0.2062.20 (including)
Chrome Google 37.0.2062.21 (including) 37.0.2062.21 (including)
Chrome Google 37.0.2062.22 (including) 37.0.2062.22 (including)
Chrome Google 37.0.2062.23 (including) 37.0.2062.23 (including)
Chrome Google 37.0.2062.24 (including) 37.0.2062.24 (including)
Chrome Google 37.0.2062.25 (including) 37.0.2062.25 (including)
Chrome Google 37.0.2062.26 (including) 37.0.2062.26 (including)
Chrome Google 37.0.2062.27 (including) 37.0.2062.27 (including)
Chrome Google 37.0.2062.28 (including) 37.0.2062.28 (including)
Chrome Google 37.0.2062.29 (including) 37.0.2062.29 (including)
Chrome Google 37.0.2062.30 (including) 37.0.2062.30 (including)
Chrome Google 37.0.2062.31 (including) 37.0.2062.31 (including)
Chrome Google 37.0.2062.32 (including) 37.0.2062.32 (including)
Chrome Google 37.0.2062.33 (including) 37.0.2062.33 (including)
Chrome Google 37.0.2062.34 (including) 37.0.2062.34 (including)
Chrome Google 37.0.2062.35 (including) 37.0.2062.35 (including)
Chrome Google 37.0.2062.36 (including) 37.0.2062.36 (including)
Chrome Google 37.0.2062.37 (including) 37.0.2062.37 (including)
Chrome Google 37.0.2062.39 (including) 37.0.2062.39 (including)
Chrome Google 37.0.2062.43 (including) 37.0.2062.43 (including)
Chrome Google 37.0.2062.44 (including) 37.0.2062.44 (including)
Chrome Google 37.0.2062.45 (including) 37.0.2062.45 (including)
Chrome Google 37.0.2062.46 (including) 37.0.2062.46 (including)
Chrome Google 37.0.2062.47 (including) 37.0.2062.47 (including)
Chrome Google 37.0.2062.48 (including) 37.0.2062.48 (including)
Chrome Google 37.0.2062.49 (including) 37.0.2062.49 (including)
Chrome Google 37.0.2062.50 (including) 37.0.2062.50 (including)
Chrome Google 37.0.2062.51 (including) 37.0.2062.51 (including)
Chrome Google 37.0.2062.52 (including) 37.0.2062.52 (including)
Chrome Google 37.0.2062.53 (including) 37.0.2062.53 (including)
Chrome Google 37.0.2062.54 (including) 37.0.2062.54 (including)
Chrome Google 37.0.2062.55 (including) 37.0.2062.55 (including)
Chrome Google 37.0.2062.56 (including) 37.0.2062.56 (including)
Chrome Google 37.0.2062.57 (including) 37.0.2062.57 (including)
Chrome Google 37.0.2062.58 (including) 37.0.2062.58 (including)
Chrome Google 37.0.2062.59 (including) 37.0.2062.59 (including)
Chrome Google 37.0.2062.60 (including) 37.0.2062.60 (including)
Chrome Google 37.0.2062.61 (including) 37.0.2062.61 (including)
Chrome Google 37.0.2062.62 (including) 37.0.2062.62 (including)
Chrome Google 37.0.2062.63 (including) 37.0.2062.63 (including)
Chrome Google 37.0.2062.64 (including) 37.0.2062.64 (including)
Chrome Google 37.0.2062.65 (including) 37.0.2062.65 (including)
Chrome Google 37.0.2062.66 (including) 37.0.2062.66 (including)
Chrome Google 37.0.2062.67 (including) 37.0.2062.67 (including)
Chrome Google 37.0.2062.68 (including) 37.0.2062.68 (including)
Chrome Google 37.0.2062.69 (including) 37.0.2062.69 (including)
Chrome Google 37.0.2062.70 (including) 37.0.2062.70 (including)
Chrome Google 37.0.2062.71 (including) 37.0.2062.71 (including)
Chrome Google 37.0.2062.72 (including) 37.0.2062.72 (including)
Chrome Google 37.0.2062.73 (including) 37.0.2062.73 (including)
Chrome Google 37.0.2062.74 (including) 37.0.2062.74 (including)
Chrome Google 37.0.2062.75 (including) 37.0.2062.75 (including)
Chrome Google 37.0.2062.76 (including) 37.0.2062.76 (including)
Chrome Google 37.0.2062.77 (including) 37.0.2062.77 (including)
Chrome Google 37.0.2062.78 (including) 37.0.2062.78 (including)
Chrome Google 37.0.2062.80 (including) 37.0.2062.80 (including)
Chrome Google 37.0.2062.81 (including) 37.0.2062.81 (including)
Chrome Google 37.0.2062.89 (including) 37.0.2062.89 (including)
Chrome Google 37.0.2062.90 (including) 37.0.2062.90 (including)
Chrome Google 37.0.2062.91 (including) 37.0.2062.91 (including)
Chrome Google 37.0.2062.92 (including) 37.0.2062.92 (including)
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu trusty *
Chromium-browser Ubuntu upstream *

References