Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Chrome | * | 71.0.3578.80 (excluding) | |
Red Hat Enterprise Linux 6 Supplementary | RedHat | chromium-browser-0:71.0.3578.80-1.el6_10 | * |
Chromium-browser | Ubuntu | bionic | * |
Chromium-browser | Ubuntu | cosmic | * |
Chromium-browser | Ubuntu | devel | * |
Chromium-browser | Ubuntu | trusty | * |
Chromium-browser | Ubuntu | upstream | * |
Chromium-browser | Ubuntu | xenial | * |