QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2879

Published: Jul 10, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=8a8eb83276778c9fbcf9ebcd4436077269b73074

x_refsource_CONFIRM

https://code.google.com/p/chromium/issues/detail?id=252062

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=f0aa298677a1afb9a40b36e32bc9c4d9b4861eac

x_refsource_CONFIRM

oval:org.mitre.oval:def:17177

vdb-entry

signature

x_refsource_OVAL

http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.