fkie_cve-2013-2915
Vulnerability from fkie_nvd
Published
2013-10-02 10:35
Modified
2025-04-11 00:51
Severity ?
Summary
Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| chrome | 30.0.1599.0 | ||
| chrome | 30.0.1599.1 | ||
| chrome | 30.0.1599.2 | ||
| chrome | 30.0.1599.4 | ||
| chrome | 30.0.1599.5 | ||
| chrome | 30.0.1599.6 | ||
| chrome | 30.0.1599.7 | ||
| chrome | 30.0.1599.8 | ||
| chrome | 30.0.1599.9 | ||
| chrome | 30.0.1599.10 | ||
| chrome | 30.0.1599.11 | ||
| chrome | 30.0.1599.12 | ||
| chrome | 30.0.1599.13 | ||
| chrome | 30.0.1599.14 | ||
| chrome | 30.0.1599.15 | ||
| chrome | 30.0.1599.16 | ||
| chrome | 30.0.1599.17 | ||
| chrome | 30.0.1599.18 | ||
| chrome | 30.0.1599.19 | ||
| chrome | 30.0.1599.20 | ||
| chrome | 30.0.1599.21 | ||
| chrome | 30.0.1599.22 | ||
| chrome | 30.0.1599.23 | ||
| chrome | 30.0.1599.24 | ||
| chrome | 30.0.1599.25 | ||
| chrome | 30.0.1599.26 | ||
| chrome | 30.0.1599.27 | ||
| chrome | 30.0.1599.28 | ||
| chrome | 30.0.1599.29 | ||
| chrome | 30.0.1599.30 | ||
| chrome | 30.0.1599.31 | ||
| chrome | 30.0.1599.32 | ||
| chrome | 30.0.1599.33 | ||
| chrome | 30.0.1599.34 | ||
| chrome | 30.0.1599.35 | ||
| chrome | 30.0.1599.36 | ||
| chrome | 30.0.1599.37 | ||
| chrome | 30.0.1599.38 | ||
| chrome | 30.0.1599.39 | ||
| chrome | 30.0.1599.40 | ||
| chrome | 30.0.1599.41 | ||
| chrome | 30.0.1599.42 | ||
| chrome | 30.0.1599.43 | ||
| chrome | 30.0.1599.44 | ||
| chrome | 30.0.1599.47 | ||
| chrome | 30.0.1599.48 | ||
| chrome | 30.0.1599.49 | ||
| chrome | 30.0.1599.50 | ||
| chrome | 30.0.1599.51 | ||
| chrome | 30.0.1599.52 | ||
| chrome | 30.0.1599.53 | ||
| chrome | 30.0.1599.56 | ||
| chrome | 30.0.1599.57 | ||
| chrome | 30.0.1599.58 | ||
| chrome | 30.0.1599.59 | ||
| chrome | 30.0.1599.60 | ||
| chrome | 30.0.1599.61 | ||
| chrome | 30.0.1599.64 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F73746CB-C113-451E-BE0C-6B61D8322146",
"versionEndIncluding": "30.0.1599.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.0:*:*:*:*:*:*:*",
"matchCriteriaId": "718E1E01-2B0A-44B9-949F-070CCCF36DD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71AA30E4-8385-4262-922E-956A8AA18DBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CD763502-1E9D-4385-816F-96B4B2549978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DF230AD1-E787-4068-A37D-883961FB7318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEEDFA5-8066-44BD-80F0-18292D5AA6D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2D3BE7-9248-4D03-9875-C37294A78D4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2BDF85-1A6F-43B5-A381-E074CB38177B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.8:*:*:*:*:*:*:*",
"matchCriteriaId": "46D40261-1858-4167-8E34-D0A71FA70CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC034B15-750B-40EB-9E26-3692B08CDF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B230FB-5372-440C-ADBF-6B149B041810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2E80F733-B13F-47E7-BECB-9E937FDA4A4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C7FE68A6-7FEA-420F-BB3C-A4E7BBE080C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9193F86A-8266-4CD7-A4B8-F3E612FC65D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.14:*:*:*:*:*:*:*",
"matchCriteriaId": "DE84119F-DA67-4D2C-81BA-F62B92082C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.15:*:*:*:*:*:*:*",
"matchCriteriaId": "09FF32A3-D506-4C56-B0D6-3351EBD337A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B4D6B2-4F10-4F7F-9006-6229AA2C2FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4B589B35-D68B-49F9-9B8D-FD2AC9EC4FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.18:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD8371A-E961-4E46-BEDD-2050A78F051F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.19:*:*:*:*:*:*:*",
"matchCriteriaId": "28FB514A-A808-49B6-A522-97E511531BD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C74D7FAA-DB5F-4E18-92B2-D1A48523F4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.21:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA19E60-5DE5-49BE-9753-081B4B7F6807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7BEDB43F-B3DC-42EA-9674-4028B632725D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.23:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA4286F-662A-42D8-8477-BC7F3F096A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.24:*:*:*:*:*:*:*",
"matchCriteriaId": "F3C3B345-844D-4388-8269-AB2585A92D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.25:*:*:*:*:*:*:*",
"matchCriteriaId": "5129CAF1-6049-4F2F-A46C-60167D84E1D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.26:*:*:*:*:*:*:*",
"matchCriteriaId": "7756087F-A847-4905-B7FD-B391145FEE1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.27:*:*:*:*:*:*:*",
"matchCriteriaId": "25B4679D-BB38-4294-BBA2-062B1BDC846C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.28:*:*:*:*:*:*:*",
"matchCriteriaId": "20DDC53C-9F10-47D9-B7C9-A9B2C583983B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.29:*:*:*:*:*:*:*",
"matchCriteriaId": "4AC552FC-DB2D-4A5A-938F-9411A79ACD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.30:*:*:*:*:*:*:*",
"matchCriteriaId": "1C75E089-48A1-42CD-8EFD-9C486561A386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.31:*:*:*:*:*:*:*",
"matchCriteriaId": "853C3ED2-44F5-4565-A352-7DC8CD269DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.32:*:*:*:*:*:*:*",
"matchCriteriaId": "667150C6-719B-4019-A4A2-366D664C8573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.33:*:*:*:*:*:*:*",
"matchCriteriaId": "A53B79F3-8898-4503-B264-476969EE5F4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.34:*:*:*:*:*:*:*",
"matchCriteriaId": "8D93EF3E-28EA-4B53-B7CE-CCB337E20B9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B36D53E0-0A1C-44E4-A770-2022353540CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.36:*:*:*:*:*:*:*",
"matchCriteriaId": "728BAF5E-3F6A-4C62-BFED-FDBF78E9D058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.37:*:*:*:*:*:*:*",
"matchCriteriaId": "E63BB3E8-CE3A-434F-8A53-1888F5F21314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.38:*:*:*:*:*:*:*",
"matchCriteriaId": "74CB79B1-69F8-46EA-84DF-3CEFB749391B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.39:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CF1250-19E0-40B7-BEAB-25DCEA625C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.40:*:*:*:*:*:*:*",
"matchCriteriaId": "CD21BECA-03E6-4209-B4FE-14FEE61C32F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.41:*:*:*:*:*:*:*",
"matchCriteriaId": "26577D56-EA0A-478D-94DB-4AAC3BF7DA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.42:*:*:*:*:*:*:*",
"matchCriteriaId": "208D2727-C33A-4C29-A8E5-5EA8258F4AFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.43:*:*:*:*:*:*:*",
"matchCriteriaId": "C9BE1044-C2B3-4BA1-8825-FBE6E69AE742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.44:*:*:*:*:*:*:*",
"matchCriteriaId": "02141842-3F25-4244-B4F2-AA1B1C18469A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.47:*:*:*:*:*:*:*",
"matchCriteriaId": "63EA0BFF-552C-4B89-8942-79A6B3F09B68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.48:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC8B17C-5E37-4D48-A701-F0C1E055307E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.49:*:*:*:*:*:*:*",
"matchCriteriaId": "E6311079-3A55-4015-A791-0940664BD4F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.50:*:*:*:*:*:*:*",
"matchCriteriaId": "5F691767-D50F-4F6D-AB4E-D3B943CA409A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.51:*:*:*:*:*:*:*",
"matchCriteriaId": "03538477-6FEE-4FD2-902A-159444254CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.52:*:*:*:*:*:*:*",
"matchCriteriaId": "1839A59A-F426-428F-9ABA-7D1133A207EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A1C14BBA-1E71-4359-9616-AFD4787255E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.56:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E80643-F04A-41C0-A669-84B0D7ECF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.57:*:*:*:*:*:*:*",
"matchCriteriaId": "82DDBFE7-88B0-4489-845B-6DF03393FFAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.58:*:*:*:*:*:*:*",
"matchCriteriaId": "70CDD9F0-E0A0-42B5-B974-811BCF86FBF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.59:*:*:*:*:*:*:*",
"matchCriteriaId": "DD62E41E-C6E8-4D85-B72E-D737139506C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.60:*:*:*:*:*:*:*",
"matchCriteriaId": "CAC3A02F-7C0C-48CB-BA72-ECE286EFE0AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C2098B5F-B3D1-4EA9-BF6C-DAACDA14FB92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:google:chrome:30.0.1599.64:*:*:*:*:*:*:*",
"matchCriteriaId": "5555B49F-973C-48AB-A4C4-A03EC3726E6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL."
},
{
"lang": "es",
"value": "Google Chrome anterior a la versi\u00f3n 30.0.1599.66 conserva objetos NavigationEntry pendientes en ciertas circunstancias no v\u00e1lidas, lo que permite a atacantes remotos falsificar la barra de direcciones a trav\u00e9s de una URL con un esquema malformado, como se demuestra con la URL nonexistent:12121."
}
],
"id": "CVE-2013-2915",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-02T10:35:35.180",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2013/dsa-2785"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=280512"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18319"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://src.chromium.org/viewvc/chrome?revision=222146\u0026view=revision"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2785"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=280512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://src.chromium.org/viewvc/chrome?revision=222146\u0026view=revision"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…