CVE-2013-2879

Priority
Medium
Description
Google Chrome before 28.0.1500.71 does not properly determine the
circumstances in which a renderer process can be considered a trusted
process for sign-in and subsequent sync operations, which makes it easier
for remote attackers to conduct phishing attacks via a crafted web site.
References
Bugs
Assigned-to
chad
Package
Upstream:released (28.0.1500.71)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):released (28.0.1500.71-0ubuntu1.12.04.1)
Ubuntu 12.10 (Quantal Quetzal):released (28.0.1500.71-0ubuntu1.12.10.1)
Ubuntu 13.04 (Raring Ringtail):released (28.0.1500.71-0ubuntu1.13.04.1)
Ubuntu 13.10 (Saucy Salamander):released (28.0.1500.71-0ubuntu1.13.10.1)
More Information

Valid XHTML 1.0 Strict

Updated: 2013-07-25 21:15:08 UTC (commit 7129)