{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-08-26T00:00:00", "descriptions": [{"lang": "en", "value": "The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "69401", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/69401"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision"}, {"name": "61482", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/61482"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "openSUSE-SU-2014:1151", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"}, {"name": "60268", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60268"}, {"name": "google-chrome-cve20143172-unspec(95472)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://crbug.com/367567"}, {"name": "1030767", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030767"}, {"name": "DSA-3039", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-3039"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2014-3172", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "69401", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69401"}, {"name": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"}, {"name": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision", "refsource": "CONFIRM", "url": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision"}, {"name": "61482", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/61482"}, {"name": "GLSA-201408-16", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "openSUSE-SU-2014:1151", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"}, {"name": "60268", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60268"}, {"name": "google-chrome-cve20143172-unspec(95472)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"}, {"name": "https://crbug.com/367567", "refsource": "CONFIRM", "url": "https://crbug.com/367567"}, {"name": "1030767", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030767"}, {"name": "DSA-3039", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3039"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:35:56.715Z"}, "title": "CVE Program Container", "references": [{"name": "69401", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/69401"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision"}, {"name": "61482", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/61482"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "openSUSE-SU-2014:1151", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"}, {"name": "60268", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60268"}, {"name": "google-chrome-cve20143172-unspec(95472)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://crbug.com/367567"}, {"name": "1030767", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1030767"}, {"name": "DSA-3039", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-3039"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2014-3172", "datePublished": "2014-08-27T01:00:00", "dateReserved": "2014-05-03T00:00:00", "dateUpdated": "2024-08-06T10:35:56.715Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4CF15EF-CF6A-49EB-AD52-B841A771B0C8", "versionEndIncluding": "37.0.2062.93", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F701378-3B81-41AB-82E6-C271B64B325B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.1:*:*:*:*:*:*:*", "matchCriteriaId": "D53BE304-211A-404B-B800-6ECB66FC95AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F8902F1-31DE-4618-BC6A-2CEB77CE0CFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.3:*:*:*:*:*:*:*", "matchCriteriaId": "03C82FB7-E434-4FE5-8BBE-2813B640A338", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.4:*:*:*:*:*:*:*", "matchCriteriaId": "1C991A75-80C8-4BCC-A837-B8AE12EB08FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.5:*:*:*:*:*:*:*", "matchCriteriaId": "2FAA26AE-CB14-4139-967A-2455DDFE988D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.6:*:*:*:*:*:*:*", "matchCriteriaId": "1EECB924-BB97-4AF5-A47F-9037749FB1A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.7:*:*:*:*:*:*:*", "matchCriteriaId": "9555F177-8FEB-4D9C-90EA-CFA0F720FEF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.8:*:*:*:*:*:*:*", "matchCriteriaId": "3BE2937A-98C7-4662-9CC7-7681ED323F6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.9:*:*:*:*:*:*:*", "matchCriteriaId": "CD8602FB-3B25-46F1-AAA9-8B1A1DA69F0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.10:*:*:*:*:*:*:*", "matchCriteriaId": "DF0BA783-86BA-4678-913D-80EDF56992A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.11:*:*:*:*:*:*:*", "matchCriteriaId": "B1372534-A736-4538-AA7E-CFC08DC056DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.12:*:*:*:*:*:*:*", "matchCriteriaId": "A34F1468-0C18-4B01-BA36-AADD8A7ADC2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.13:*:*:*:*:*:*:*", "matchCriteriaId": "306639CB-9CA3-4D05-B388-580CB482F039", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.14:*:*:*:*:*:*:*", "matchCriteriaId": "4D9CD009-556D-4E6F-964F-7CB01E4E5161", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.15:*:*:*:*:*:*:*", "matchCriteriaId": "E6EF83C7-EF96-4523-8249-B61B9243A543", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.16:*:*:*:*:*:*:*", "matchCriteriaId": "354673A9-5100-46CE-AB62-C1BD06EA4876", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5B4C2E7-0AED-4622-B569-D4FBDF431571", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.18:*:*:*:*:*:*:*", "matchCriteriaId": "8AB97059-5536-4565-B021-30B03FA6700F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.19:*:*:*:*:*:*:*", "matchCriteriaId": "8EA6B745-1329-4D99-8ACE-14438BD36B70", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.20:*:*:*:*:*:*:*", "matchCriteriaId": "B6A8C84C-B5FF-4722-BBEA-9705AC93B8B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.21:*:*:*:*:*:*:*", "matchCriteriaId": "84EA8B73-D8EB-4171-81DD-146A96EDF22A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.22:*:*:*:*:*:*:*", "matchCriteriaId": "4DD2E887-0B9D-4C67-B116-BEB5D7256682", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.23:*:*:*:*:*:*:*", "matchCriteriaId": "3E11F118-6BE5-4F76-9B56-88F6981C0A49", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.24:*:*:*:*:*:*:*", "matchCriteriaId": "6C8F4B1B-930D-4B2F-AEBD-5B86086ABC39", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.25:*:*:*:*:*:*:*", "matchCriteriaId": "E4BBA599-AA08-4B85-B72C-5E11F9D019E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.26:*:*:*:*:*:*:*", "matchCriteriaId": "BFA810CC-6DE3-4CE8-A492-6986BD17BE78", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.27:*:*:*:*:*:*:*", "matchCriteriaId": "3CE81439-8B09-4106-9523-F43C0B541A98", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.28:*:*:*:*:*:*:*", "matchCriteriaId": "208619F0-CFE0-41C4-9C5B-B2EAF6B389BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.29:*:*:*:*:*:*:*", "matchCriteriaId": "5E862A55-8795-4BB5-870F-E38DBC5FABC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.30:*:*:*:*:*:*:*", "matchCriteriaId": "FEFBC1F1-291C-42B1-9DD4-36B04A9B97AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.31:*:*:*:*:*:*:*", "matchCriteriaId": "7C283142-1633-4C59-BB2C-8E085B8D2709", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.32:*:*:*:*:*:*:*", "matchCriteriaId": "F2286AE1-8D20-494C-A4DF-1C70C086D5F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.33:*:*:*:*:*:*:*", "matchCriteriaId": "E7DE2B94-D778-46C9-A62F-69755BA2BCF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.34:*:*:*:*:*:*:*", "matchCriteriaId": "4467FA75-AAD4-4290-9142-0F104DF9FC5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.35:*:*:*:*:*:*:*", "matchCriteriaId": "73655CAB-70EA-4803-8759-589FE48A85E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.36:*:*:*:*:*:*:*", "matchCriteriaId": "F3B05E8A-91D5-4B18-92EF-753BF4AD5903", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.37:*:*:*:*:*:*:*", "matchCriteriaId": "59E5F85D-4A69-4446-ACED-B0EFF6C163BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.39:*:*:*:*:*:*:*", "matchCriteriaId": "9F6109DC-D7BA-4143-9627-F786AF1B0160", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.43:*:*:*:*:*:*:*", "matchCriteriaId": "0D4A1AF1-4677-47B4-BA5E-538895F206B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.44:*:*:*:*:*:*:*", "matchCriteriaId": "340B17EA-7026-46A9-84C3-26EAC4CE9B79", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.45:*:*:*:*:*:*:*", "matchCriteriaId": "79AA77B6-BF3E-425F-8F07-A5BB8E030C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.46:*:*:*:*:*:*:*", "matchCriteriaId": "B37F78D0-E7AB-406C-9A97-0600D5AD19AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.47:*:*:*:*:*:*:*", "matchCriteriaId": "EE4DB73C-B60E-4630-9CE5-99408C1FB4DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.48:*:*:*:*:*:*:*", "matchCriteriaId": "2622DAA5-406F-4FC4-8D6F-97759DF6BD2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.49:*:*:*:*:*:*:*", "matchCriteriaId": "8E5A596B-6184-453E-8450-F8A057C1D50A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.50:*:*:*:*:*:*:*", "matchCriteriaId": "D00A3638-7D95-4E90-9DA7-82C2F917C57C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.51:*:*:*:*:*:*:*", "matchCriteriaId": "45BC22F7-65EC-4CAA-ABD4-1C39C8084E70", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.52:*:*:*:*:*:*:*", "matchCriteriaId": "245147AE-43A2-45C8-8179-25948F630B29", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.53:*:*:*:*:*:*:*", "matchCriteriaId": "439343BC-5EAD-4150-ABDC-B9A6714B29ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.54:*:*:*:*:*:*:*", "matchCriteriaId": "10988982-6718-48B2-BCF8-370E26435A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.55:*:*:*:*:*:*:*", "matchCriteriaId": "69A7A23A-013A-4AF2-B5FD-07FE36DDF9FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.56:*:*:*:*:*:*:*", "matchCriteriaId": "9D8D4586-C566-49BC-8942-DAA852CD1050", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.57:*:*:*:*:*:*:*", "matchCriteriaId": "F333616F-1BBB-4A8C-89E3-FF46740385F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.58:*:*:*:*:*:*:*", "matchCriteriaId": "C0ABB09E-A89C-47E0-BDF8-59C9DDFB328E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.59:*:*:*:*:*:*:*", "matchCriteriaId": "89BC8272-32B1-429E-AB97-85993A54B946", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.60:*:*:*:*:*:*:*", "matchCriteriaId": "3EDDCFE3-10A3-4207-8513-F2641CC6C14E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.61:*:*:*:*:*:*:*", "matchCriteriaId": "5BC8932C-7631-4546-8C79-D9C5C60BCA6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.62:*:*:*:*:*:*:*", "matchCriteriaId": "EB9B2D05-44B4-4120-8B70-471FA7A11475", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.63:*:*:*:*:*:*:*", "matchCriteriaId": "CE4F4473-F7B9-4C4F-A05C-0CABDD381B0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.64:*:*:*:*:*:*:*", "matchCriteriaId": "767A2490-4719-4F77-9084-224660AD8C3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.65:*:*:*:*:*:*:*", "matchCriteriaId": "16E075AF-C990-402A-BA3A-490D3CC565DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.66:*:*:*:*:*:*:*", "matchCriteriaId": "777F4F2A-8699-4925-BE7B-4E96D3D8B486", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.67:*:*:*:*:*:*:*", "matchCriteriaId": "2D3A975E-1245-48D1-970F-292EBBC27BA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.68:*:*:*:*:*:*:*", "matchCriteriaId": "47C3DFFE-6BD7-4E06-A1FF-CA64ABBE2EAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.69:*:*:*:*:*:*:*", "matchCriteriaId": "244E0541-07AD-4E23-BD9A-99E82E5095E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.70:*:*:*:*:*:*:*", "matchCriteriaId": "9406F53F-D335-4C0D-9FFE-031A8D23DAF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.71:*:*:*:*:*:*:*", "matchCriteriaId": "059F95BC-6375-45FF-A5BC-A3DCB09C9B9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.72:*:*:*:*:*:*:*", "matchCriteriaId": "95B22F05-AF54-4DF3-814A-4D4722826B7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.73:*:*:*:*:*:*:*", "matchCriteriaId": "57659829-7B94-4E28-82AF-1E6AC14B65C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.74:*:*:*:*:*:*:*", "matchCriteriaId": "CE8D1E75-3C8C-4DAD-8C69-43CD3BF0C16B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.75:*:*:*:*:*:*:*", "matchCriteriaId": "5B41B7DA-642F-45D7-9C44-6DBDDB180F67", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.76:*:*:*:*:*:*:*", "matchCriteriaId": "4345C4B0-FA91-4E8C-B5B1-927F3622CA2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.77:*:*:*:*:*:*:*", "matchCriteriaId": "9C2391A9-A0D1-45DC-8FEA-79DE29775271", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.78:*:*:*:*:*:*:*", "matchCriteriaId": "B86B675F-E365-49DC-90F7-5DB02816E609", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.80:*:*:*:*:*:*:*", "matchCriteriaId": "FA5436F8-5125-45A4-B14E-958335A60BB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.81:*:*:*:*:*:*:*", "matchCriteriaId": "34BAC3C9-D121-4FF4-8DC6-1C2022B1F536", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.89:*:*:*:*:*:*:*", "matchCriteriaId": "752A92E8-B928-4743-9D1F-259FEEC29299", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.90:*:*:*:*:*:*:*", "matchCriteriaId": "4704C7D1-B3A0-4357-91B4-B3C66E476097", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.91:*:*:*:*:*:*:*", "matchCriteriaId": "FB4F2DE1-350D-4A3B-A1C4-F1216938A7EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:37.0.2062.92:*:*:*:*:*:*:*", "matchCriteriaId": "F7040D56-1D04-4E2A-9E1C-0306784CA6DE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as demonstrated by a chrome:// URL."}, {"lang": "es", "value": "La Api de extensi\u00f3n Debugger en browser/extensions/api/debugger/debugger_api.cc en Google Chrome anterior a 37.0.2062.94 no valida la URL de una pesta\u00f1a antes de una operaci\u00f3n de adjuntar, lo que permite a atacantes remotos evadir las limitaciones de acceso a trav\u00e9s de una extensi\u00f3n que utiliza una URL restringida, como fue demostrado por una URL chrome://."}], "id": "CVE-2014-3172", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-08-27T01:55:05.697", "references": [{"source": "[email protected]", "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"}, {"source": "[email protected]", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/60268"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/61482"}, {"source": "[email protected]", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "[email protected]", "url": "http://www.debian.org/security/2014/dsa-3039"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/69401"}, {"source": "[email protected]", "url": "http://www.securitytracker.com/id/1030767"}, {"source": "[email protected]", "url": "https://crbug.com/367567"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"}, {"source": "[email protected]", "url": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00027.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61482"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-3039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/69401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1030767"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://crbug.com/367567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95472"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://src.chromium.org/viewvc/chrome?revision=280354&view=revision"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "[email protected]", "type": "Primary"}]}

{}