CVE-2014-1723

2014-04-09T00:00:00
ID UB:CVE-2014-1723
Type ubuntucve
Reporter ubuntu.com
Modified 2014-04-09T00:00:00

Description

The UnescapeURLWithOffsetsImpl function in net/base/escape.cc in Google Chrome before 34.0.1847.116 does not properly handle bidirectional Internationalized Resource Identifiers (IRIs), which makes it easier for remote attackers to spoof URLs via crafted use of right-to-left (RTL) Unicode text.

Notes

Author| Note
---|---
chrisccoulson | Issue was fixed prior to Oxide r501, the first version to be included in an Ubuntu release