Origin Restriction Bypass in Google Chrome OS
CVE-2013-2835

Currently unrated

Key Information:

Vendor: Google
Status: Chrome Os
Vendor: CVE Published:; 16 April 2013

Summary

An origin restriction bypass vulnerability exists in Google Chrome OS versions prior to 26.0.1410.57. This flaw affects the enforcement of origin restrictions for the O3D and Google Talk plug-ins, allowing remote attackers to exploit this weakness via specially crafted websites. Users may be at risk as this vulnerability enables bad actors to bypass domain-whitelist protections, potentially leading to unauthorized actions or data exposure.

References

http://googlechromereleases.blogspot.com/2013/04/stable-c...

x_refsource_CONFIRM

https://code.google.com/p/chromium/issues/detail?id=196456

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 16, 2013