CVE-2013-0885

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.

🔗 References (8)

• chrome-cve-admin@googlehttp://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html
• chrome-cve-admin@googlehttp://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html
• chrome-cve-admin@googlehttps://code.google.com/p/chromium/issues/detail?id=172369
• chrome-cve-admin@googlehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16255
• af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html
• af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html
• af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/chromium/issues/detail?id=172369
• af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16255