Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-6166HistoryFeb 15, 2014 - 2:57 p.m.
CVE-2013-6166
2014-02-1514:57:00
Debian Security Bug Tracker
security-tracker.debian.org
8
EPSS
0.005
Percentile
76.9%
Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | chromium-browser | < 70.0.3538.110-1~deb9u1 | chromium-browser_70.0.3538.110-1~deb9u1_all.deb |
Related
cvelist
cvelist
CVE-2013-6166
2014-02-15 11:00:00
nvd
nvd
CVE-2013-6166
2014-02-15 14:57:07
ubuntucve
ubuntucve
CVE-2013-6166
2014-02-15 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-02-15 14:57:00
openvas
openvas
Google Chrome CSRF Vulnerability - Windows
2014-02-17 00:00:00
Google Chrome CSRF Vulnerability - Linux
2014-02-17 00:00:00
Google Chrome CSRF Vulnerability - Mac OS X
2014-02-17 00:00:00
exploitdb
exploitdb
Google Chrome - Cookie Verification Denial of Service
2013-04-04 00:00:00
cve
cve
CVE-2013-6166
2014-02-15 14:57:07
nessus
nessus
Google Chrome < 29.0.1547.57 Multiple Vulnerabilities
2013-08-20 00:00:00