The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2014-07-20 04:12
Updated : 2014-08-04 09:26
NVD link : CVE-2014-3159
Mitre link : CVE-2014-3159
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
- android
- chrome