Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2013-6636

Disclosure Date: December 07, 2013
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The FrameLoader::notifyIfInitialDocumentAccessed function in core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 31.0.1650.63, makes an incorrect check for an empty document during presentation of a modal dialog, which allows remote attackers to spoof the address bar via vectors involving the document.write method.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Technical Analysis