CVE-2013-2908 — Google Chrome vulnerability
2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 31.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 2
Latest updateMay 17
Description
Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of NavigationEntry objects, which allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code.
CVSS vector
AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9