Lucene search

K
cve[email protected]CVE-2014-7899
HistoryNov 19, 2014 - 11:59 a.m.

CVE-2014-7899

2014-11-1911:59:00
CWE-20
web.nvd.nist.gov
32
cve-2014-7899
google chrome
address bar spoofing
security vulnerability

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.8%

Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username string.

Affected configurations

NVD
Node
googlechromeRange38.0.2125.7

6.1 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.8%