CVE-2014-3159

Google Chrome < 36.0.1985.122 - URL Spoofing via WebContentsDelegateAndroid

Title source: llm
STIX 2.1

Description

The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors.

References (3)

Core 3

Scores

EPSS 0.0092
EPSS Percentile 56.2%

Details

CWE
CWE-20
Status published
Products (50)
google/chrome 36.0.1985.1
google/chrome 36.0.1985.2
google/chrome 36.0.1985.3
google/chrome 36.0.1985.4
google/chrome 36.0.1985.5
google/chrome 36.0.1985.6
google/chrome 36.0.1985.8
google/chrome 36.0.1985.12
google/chrome 36.0.1985.13
google/chrome 36.0.1985.14
... and 40 more
Published Jul 20, 2014
Tracked Since Feb 18, 2026