1
Candidate: CVE-2014-3170
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3170
5
https://src.chromium.org/viewvc/chrome?revision=285492&view=revision
6
https://crbug.com/390624
7
http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
9
extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does
10
not prevent use of a '\0' character in a host name, which allows remote
11
attackers to spoof the extension permission dialog by relying on truncation
18
Assigned-to: ChrisCoulson
20
Patches_chromium-browser:
21
upstream_chromium-browser: released (37.0.2062.94)
22
lucid_chromium-browser: ignored (reached end-of-life)
23
precise_chromium-browser: released (37.0.2062.94-0ubuntu0.12.04.1~pkg909)
24
trusty_chromium-browser: released (37.0.2062.94-0ubuntu0.14.04.1~pkg1042)
25
devel_chromium-browser: released (37.0.2062.94-0ubuntu1~pkg1065)
28
upstream_oxide-qt: not-affected
31
trusty_oxide-qt: not-affected
32
devel_oxide-qt: not-affected