CVE-2015-1296 | Vulnerability Database | Aqua Security

The UnescapeURLWithAdjustmentsImpl implementation in net/base/escape.cc in Google Chrome before 45.0.2454.85 does not prevent display of Unicode LOCK characters in the omnibox, which makes it easier for remote attackers to spoof the SSL lock icon by placing one of these characters at the end of a URL, as demonstrated by the omnibox in localizations for right-to-left languages.

Affected Software

Name	Vendor	Start Version	End Version
Chrome	Google	*	44.0.2403 (including)
Red Hat Enterprise Linux 6 Supplementary	RedHat	chromium-browser-0:45.0.2454.85-2.el6	*
Chromium-browser	Ubuntu	devel	*
Chromium-browser	Ubuntu	precise	*
Chromium-browser	Ubuntu	trusty	*
Chromium-browser	Ubuntu	upstream	*
Chromium-browser	Ubuntu	vivid	*
Chromium-browser	Ubuntu	wily	*

References

http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html
http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2015-1712.html
http://www.debian.org/security/2015/dsa-3351
http://www.securitytracker.com/id/1033472
https://code.google.com/p/chromium/issues/detail?id=421332
https://codereview.chromium.org/1180393003/
https://codereview.chromium.org/1189553002/
https://security.gentoo.org/glsa/201603-09
http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00029.html
http://lists.opensuse.org/opensuse-updates/2015-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2015-1712.html
http://www.debian.org/security/2015/dsa-3351
http://www.securitytracker.com/id/1033472
https://code.google.com/p/chromium/issues/detail?id=421332
https://codereview.chromium.org/1180393003/
https://codereview.chromium.org/1189553002/
https://security.gentoo.org/glsa/201603-09

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-1296
CWE	https://cwe.mitre.org/data/definitions/254.html