CVE-2014-3159

CVSS V2 Medium 6.4 CVSS V3 None
Description
The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors.
Overview
  • CVE ID
  • CVE-2014-3159
  • Assigner
  • cve-coordination@google.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2014-07-20T11:12:50
  • Last Modified Date
  • 2014-08-04T16:26:33
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* 1 OR 36.0.1985.106
cpe:2.3:a:google:chrome:36.0.1985.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.12:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.13:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.14:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.15:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.16:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.17:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.18:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.19:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.23:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.24:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.25:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.26:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.27:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.28:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.29:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.30:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.34:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.35:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.36:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.37:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.38:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.39:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.40:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.41:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.43:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.44:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.45:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.46:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.48:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.49:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.50:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.51:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.53:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.54:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.55:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.56:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.57:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.58:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.59:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.60:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.62:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.63:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.64:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.65:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.66:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.67:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.68:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.69:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.70:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.72:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.73:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.74:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.75:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.76:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.77:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.78:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.79:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.81:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.82:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.83:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.84:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.85:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.86:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.87:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.88:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.89:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.90:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.91:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.92:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.93:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.94:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.95:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.96:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.97:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.98:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.99:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.100:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.101:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.102:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.103:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.104:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:google:chrome:36.0.1985.105:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • NONE
  • Base Score
  • 6.4
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 4.9
History
Created Old Value New Value Data Type Notes
2022-05-10 10:32:34 Added to TrackCVE
2022-12-02 00:00:02 security@google.com cve-coordination@google.com CVE Assigner updated
2022-12-02 00:00:02 2014-07-20T11:12Z 2014-07-20T11:12:50 CVE Published Date updated
2022-12-02 00:00:02 2014-08-04T16:26:33 CVE Modified Date updated
2022-12-02 00:00:02 Analyzed Vulnerability Status updated