Launchpad CVE tracker

CVE 2013-6636

The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.

Related bugs and status

CVE-2013-6636 (Candidate) is related to these bugs:

Bug #1249389: linker complains of PIC instruction on object file not compiled as PIC

Summary				In	Importance	Status
	1249389	linker complains of PIC instruction on object file not compiled as PIC		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1250579: Security fixes from 31.0.1650.48

Summary				In	Importance	Status
	1250579	Security fixes from 31.0.1650.48		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1251454: chromium-browser fails to depend on a compatible version of libnss3

Summary				In	Importance	Status
	1251454	chromium-browser fails to depend on a compatible version of libnss3		chromium-browser (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-6636

References