CVE-2014-9648

components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application after navigation to a web site, which allows remote attackers to cause a denial of service (loss of browser access to that site) via crafted JavaScript code, as demonstrated by pandora.com and the Pandora application, a different vulnerability than CVE-2015-1205.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Information

Published : 2015-01-27 12:01

Updated : 2015-02-20 19:01


NVD link : CVE-2014-9648

Mitre link : CVE-2014-9648


JSON object : View

CWE
CWE-284

Improper Access Control

Advertisement

dedicated server usa

Products Affected

google

  • chrome