Launchpad CVE tracker

CVE 2013-2915

Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circumstances, which allows remote attackers to spoof the address bar via a URL with a malformed scheme, as demonstrated by a nonexistent:12121 URL.

Related bugs and status

CVE-2013-2915 (Candidate) is related to these bugs:

Bug #1223855: after opening webapps window and a normal window, normal window doesn't respond to Ctrl-T

Summary				In	Importance	Status
	1223855	after opening webapps window and a normal window, normal window doesn't respond to Ctrl-T		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1226143: error while loading shared libraries: liburl_lib.so

Summary				In	Importance	Status
	1226143	error while loading shared libraries: liburl_lib.so		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1232575: chrome.extension not available when called from extension scripts in Chromium but works on Chrome

Summary				In	Importance	Status
	1232575	chrome.extension not available when called from extension scripts in Chromium but works on Chrome		chromium-browser (Ubuntu)	High	Fix Released
	1232575	chrome.extension not available when called from extension scripts in Chromium but works on Chrome		Chromium Browser	Unknown	Unknown

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-2915

References