CVE-2013-0926

Published: 28 March 2013

Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during a copy-and-paste operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site.

Priority

Status

Package	Release	Status
chromium-browser Launchpad, Ubuntu, Debian	hardy	Does not exist
	lucid	Ignored (end of life)
	oneiric	Ignored (end of life)
	precise	Released (28.0.1500.52-0ubuntu1.12.04.2)
	quantal	Released (28.0.1500.52-0ubuntu1.12.10.3)
	raring	Released (28.0.1500.52-0ubuntu1.13.04.3)
	upstream	Released (26.0.1410.43)

References

http://git.chromium.org/gitweb/?p=chromium/src.git;a=commit;h=52a30db57ecec68bb3b25fdc3de5e9bee7b80ed7
https://src.chromium.org/viewvc/chrome?view=rev&revision=176856
https://code.google.com/p/chromium/issues/detail?id=112325
https://chromiumcodereview.appspot.com/11884025
http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_26.html
https://www.cve.org/CVERecord?id=CVE-2013-0926
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/bugs/1161296

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›