FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-2879

This CVE name corresponds to:

Entered Topic
2013-07-10 chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2013-2879 at cve.mitre.org

Details

Type Candidate
Name CVE-2013-2879
Phase Assigned(20130411)

Description

Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.

References

Source Reference
CONFIRM http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=8a8eb83276778c9fbcf9ebcd4436077269b73074
CONFIRM http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=f0aa298677a1afb9a40b36e32bc9c4d9b4861eac
CONFIRM http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html
CONFIRM https://code.google.com/p/chromium/issues/detail?id=252062
DEBIAN DSA-2724
OVAL oval:org.mitre.oval:def:17177

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.