QwikSec

Security Database

CVE

CWE

Training

CVE-2014-3201

Published: Oct 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://googlechromereleases.blogspot.com/2014/10/chrome-for-android-update.html

x_refsource_CONFIRM

https://src.chromium.org/viewvc/blink?revision=182021&view=revision

x_refsource_CONFIRM

https://crbug.com/406593

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.