CVE-2013-2853

Priority
Medium
Description
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not
ensure that headers are terminated by \r\n\r\n (carriage return, newline,
carriage return, newline), which allows man-in-the-middle attackers to have
an unspecified impact via vectors that trigger header truncation.
References
Bugs
Assigned-to
chad
Package
Upstream:released (28.0.1500.71)
Ubuntu 12.04 LTS (Precise Pangolin):released (28.0.1500.71-0ubuntu1.12.04.1)
More Information

Updated: 2016-03-23 03:40:29 UTC (commit 10817)