CVE-2013-6636

2013-12-0700:55:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-6636

google chrome

blink

frameloader

modal dialog

remote attackers

address bar spoofing

document.write method

5.9 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

80.8%

JSON

The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.

CPENameOperatorVersion
google:chromegoogle chromeeq31.0.1650.22
google:chromegoogle chromeeq31.0.1650.45
google:chromegoogle chromeeq31.0.1650.11
google:chromegoogle chromeeq31.0.1650.59
google:chromegoogle chromeeq31.0.1650.33
google:chromegoogle chromeeq31.0.1650.32
google:chromegoogle chromeeq31.0.1650.31
google:chromegoogle chromeeq31.0.1650.28
google:chromegoogle chromeeq31.0.1650.54
google:chromegoogle chromeeq31.0.1650.26

CPE	Name	Operator	Version
google:chrome	google chrome	eq	31.0.1650.22
google:chrome	google chrome	eq	31.0.1650.45
google:chrome	google chrome	eq	31.0.1650.11
google:chrome	google chrome	eq	31.0.1650.59
google:chrome	google chrome	eq	31.0.1650.33
google:chrome	google chrome	eq	31.0.1650.32
google:chrome	google chrome	eq	31.0.1650.31
google:chrome	google chrome	eq	31.0.1650.28
google:chrome	google chrome	eq	31.0.1650.54
google:chrome	google chrome	eq	31.0.1650.26