PT-2013-3956 · Google · Google Chrome
Publicado
2013-04-16
·
Atualizado
2013-04-17
·
CVE-2013-2834
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Google Chrome OS versions prior to 26.0.1410.57
Description
The issue is related to the improper enforcement of origin restrictions for the O3D and Google Talk plug-ins. This allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site.
Recommendations
For Google Chrome OS versions prior to 26.0.1410.57, update to version 26.0.1410.57 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome