FKIE_CVE-2014-3172

Vulnerability from fkie_nvd - Published: 2014-08-27 01:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL.
References
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
chrome-cve-admin@google.comhttp://secunia.com/advisories/60268
chrome-cve-admin@google.comhttp://secunia.com/advisories/61482
chrome-cve-admin@google.comhttp://security.gentoo.org/glsa/glsa-201408-16.xml
chrome-cve-admin@google.comhttp://www.debian.org/security/2014/dsa-3039
chrome-cve-admin@google.comhttp://www.securityfocus.com/bid/69401
chrome-cve-admin@google.comhttp://www.securitytracker.com/id/1030767
chrome-cve-admin@google.comhttps://crbug.com/367567
chrome-cve-admin@google.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/95472
chrome-cve-admin@google.comhttps://src.chromium.org/viewvc/chrome?revision=280354&view=revision
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60268
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/61482
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201408-16.xml
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-3039
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/69401
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030767
af854a3a-2127-422b-91ae-364da2661108https://crbug.com/367567
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/95472
af854a3a-2127-422b-91ae-364da2661108https://src.chromium.org/viewvc/chrome?revision=280354&view=revision
Impacted products
Vendor Product Version
google chrome *
google chrome 37.0.2062.0
google chrome 37.0.2062.1
google chrome 37.0.2062.2
google chrome 37.0.2062.3
google chrome 37.0.2062.4
google chrome 37.0.2062.5
google chrome 37.0.2062.6
google chrome 37.0.2062.7
google chrome 37.0.2062.8
google chrome 37.0.2062.9
google chrome 37.0.2062.10
google chrome 37.0.2062.11
google chrome 37.0.2062.12
google chrome 37.0.2062.13
google chrome 37.0.2062.14
google chrome 37.0.2062.15
google chrome 37.0.2062.16
google chrome 37.0.2062.17
google chrome 37.0.2062.18
google chrome 37.0.2062.19
google chrome 37.0.2062.20
google chrome 37.0.2062.21
google chrome 37.0.2062.22
google chrome 37.0.2062.23
google chrome 37.0.2062.24
google chrome 37.0.2062.25
google chrome 37.0.2062.26
google chrome 37.0.2062.27
google chrome 37.0.2062.28
google chrome 37.0.2062.29
google chrome 37.0.2062.30
google chrome 37.0.2062.31
google chrome 37.0.2062.32
google chrome 37.0.2062.33
google chrome 37.0.2062.34
google chrome 37.0.2062.35
google chrome 37.0.2062.36
google chrome 37.0.2062.37
google chrome 37.0.2062.39
google chrome 37.0.2062.43
google chrome 37.0.2062.44
google chrome 37.0.2062.45
google chrome 37.0.2062.46
google chrome 37.0.2062.47
google chrome 37.0.2062.48
google chrome 37.0.2062.49
google chrome 37.0.2062.50
google chrome 37.0.2062.51
google chrome 37.0.2062.52
google chrome 37.0.2062.53
google chrome 37.0.2062.54
google chrome 37.0.2062.55
google chrome 37.0.2062.56
google chrome 37.0.2062.57
google chrome 37.0.2062.58
google chrome 37.0.2062.59
google chrome 37.0.2062.60
google chrome 37.0.2062.61
google chrome 37.0.2062.62
google chrome 37.0.2062.63
google chrome 37.0.2062.64
google chrome 37.0.2062.65
google chrome 37.0.2062.66
google chrome 37.0.2062.67
google chrome 37.0.2062.68
google chrome 37.0.2062.69
google chrome 37.0.2062.70
google chrome 37.0.2062.71
google chrome 37.0.2062.72
google chrome 37.0.2062.73
google chrome 37.0.2062.74
google chrome 37.0.2062.75
google chrome 37.0.2062.76
google chrome 37.0.2062.77
google chrome 37.0.2062.78
google chrome 37.0.2062.80
google chrome 37.0.2062.81
google chrome 37.0.2062.89
google chrome 37.0.2062.90
google chrome 37.0.2062.91
google chrome 37.0.2062.92
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CF15EF-CF6A-49EB-AD52-B841A771B0C8",
              "versionEndIncluding": "37.0.2062.93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F701378-3B81-41AB-82E6-C271B64B325B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BE304-211A-404B-B800-6ECB66FC95AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F8902F1-31DE-4618-BC6A-2CEB77CE0CFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C82FB7-E434-4FE5-8BBE-2813B640A338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C991A75-80C8-4BCC-A837-B8AE12EB08FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FAA26AE-CB14-4139-967A-2455DDFE988D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EECB924-BB97-4AF5-A47F-9037749FB1A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9555F177-8FEB-4D9C-90EA-CFA0F720FEF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BE2937A-98C7-4662-9CC7-7681ED323F6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD8602FB-3B25-46F1-AAA9-8B1A1DA69F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0BA783-86BA-4678-913D-80EDF56992A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1372534-A736-4538-AA7E-CFC08DC056DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34F1468-0C18-4B01-BA36-AADD8A7ADC2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "306639CB-9CA3-4D05-B388-580CB482F039",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9CD009-556D-4E6F-964F-7CB01E4E5161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6EF83C7-EF96-4523-8249-B61B9243A543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "354673A9-5100-46CE-AB62-C1BD06EA4876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B4C2E7-0AED-4622-B569-D4FBDF431571",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AB97059-5536-4565-B021-30B03FA6700F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA6B745-1329-4D99-8ACE-14438BD36B70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6A8C84C-B5FF-4722-BBEA-9705AC93B8B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "84EA8B73-D8EB-4171-81DD-146A96EDF22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD2E887-0B9D-4C67-B116-BEB5D7256682",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E11F118-6BE5-4F76-9B56-88F6981C0A49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8F4B1B-930D-4B2F-AEBD-5B86086ABC39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BBA599-AA08-4B85-B72C-5E11F9D019E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA810CC-6DE3-4CE8-A492-6986BD17BE78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE81439-8B09-4106-9523-F43C0B541A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "208619F0-CFE0-41C4-9C5B-B2EAF6B389BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E862A55-8795-4BB5-870F-E38DBC5FABC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEFBC1F1-291C-42B1-9DD4-36B04A9B97AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C283142-1633-4C59-BB2C-8E085B8D2709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2286AE1-8D20-494C-A4DF-1C70C086D5F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7DE2B94-D778-46C9-A62F-69755BA2BCF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "4467FA75-AAD4-4290-9142-0F104DF9FC5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "73655CAB-70EA-4803-8759-589FE48A85E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B05E8A-91D5-4B18-92EF-753BF4AD5903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "59E5F85D-4A69-4446-ACED-B0EFF6C163BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F6109DC-D7BA-4143-9627-F786AF1B0160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4A1AF1-4677-47B4-BA5E-538895F206B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "340B17EA-7026-46A9-84C3-26EAC4CE9B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AA77B6-BF3E-425F-8F07-A5BB8E030C98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "B37F78D0-E7AB-406C-9A97-0600D5AD19AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE4DB73C-B60E-4630-9CE5-99408C1FB4DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "2622DAA5-406F-4FC4-8D6F-97759DF6BD2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E5A596B-6184-453E-8450-F8A057C1D50A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "D00A3638-7D95-4E90-9DA7-82C2F917C57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "45BC22F7-65EC-4CAA-ABD4-1C39C8084E70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "245147AE-43A2-45C8-8179-25948F630B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "439343BC-5EAD-4150-ABDC-B9A6714B29ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "10988982-6718-48B2-BCF8-370E26435A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A7A23A-013A-4AF2-B5FD-07FE36DDF9FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D8D4586-C566-49BC-8942-DAA852CD1050",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "F333616F-1BBB-4A8C-89E3-FF46740385F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0ABB09E-A89C-47E0-BDF8-59C9DDFB328E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "89BC8272-32B1-429E-AB97-85993A54B946",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDDCFE3-10A3-4207-8513-F2641CC6C14E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BC8932C-7631-4546-8C79-D9C5C60BCA6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB9B2D05-44B4-4120-8B70-471FA7A11475",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE4F4473-F7B9-4C4F-A05C-0CABDD381B0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "767A2490-4719-4F77-9084-224660AD8C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E075AF-C990-402A-BA3A-490D3CC565DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "777F4F2A-8699-4925-BE7B-4E96D3D8B486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3A975E-1245-48D1-970F-292EBBC27BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "47C3DFFE-6BD7-4E06-A1FF-CA64ABBE2EAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.69:*:*:*:*:*:*:*",
              "matchCriteriaId": "244E0541-07AD-4E23-BD9A-99E82E5095E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "9406F53F-D335-4C0D-9FFE-031A8D23DAF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "059F95BC-6375-45FF-A5BC-A3DCB09C9B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "95B22F05-AF54-4DF3-814A-4D4722826B7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "57659829-7B94-4E28-82AF-1E6AC14B65C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8D1E75-3C8C-4DAD-8C69-43CD3BF0C16B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B41B7DA-642F-45D7-9C44-6DBDDB180F67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "4345C4B0-FA91-4E8C-B5B1-927F3622CA2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C2391A9-A0D1-45DC-8FEA-79DE29775271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.78:*:*:*:*:*:*:*",
              "matchCriteriaId": "B86B675F-E365-49DC-90F7-5DB02816E609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5436F8-5125-45A4-B14E-958335A60BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "34BAC3C9-D121-4FF4-8DC6-1C2022B1F536",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.89:*:*:*:*:*:*:*",
              "matchCriteriaId": "752A92E8-B928-4743-9D1F-259FEEC29299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "4704C7D1-B3A0-4357-91B4-B3C66E476097",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB4F2DE1-350D-4A3B-A1C4-F1216938A7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:37.0.2062.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7040D56-1D04-4E2A-9E1C-0306784CA6DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab\u0027s URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL."
    },
    {
      "lang": "es",
      "value": "La Api de extensi\u00f3n Debugger en browser/extensions/api/debugger/debugger_api.cc en Google Chrome anterior a 37.0.2062.94 no valida la URL de una pesta\u00f1a antes de una operaci\u00f3n de adjuntar, lo que permite a atacantes remotos evadir las limitaciones de acceso a trav\u00e9s de una extensi\u00f3n que utiliza una URL restringida, como fue demostrado por una URL chrome://."
    }
  ],
  "id": "CVE-2014-3172",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-08-27T01:55:05.697",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/60268"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://secunia.com/advisories/61482"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.debian.org/security/2014/dsa-3039"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securityfocus.com/bid/69401"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securitytracker.com/id/1030767"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://crbug.com/367567"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://src.chromium.org/viewvc/chrome?revision=280354\u0026view=revision"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60268"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61482"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2014/dsa-3039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://crbug.com/367567"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://src.chromium.org/viewvc/chrome?revision=280354\u0026view=revision"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.