Launchpad CVE tracker

CVE 2013-2920

The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66 allows remote attackers to cause a denial of service (out-of-bounds read) via a relative URL containing a hostname, as demonstrated by a protocol-relative URL beginning with a //www.google.com/ substring.

Related bugs and status

CVE-2013-2920 (Candidate) is related to these bugs:

Bug #1223855: after opening webapps window and a normal window, normal window doesn't respond to Ctrl-T

Summary				In	Importance	Status
	1223855	after opening webapps window and a normal window, normal window doesn't respond to Ctrl-T		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1226143: error while loading shared libraries: liburl_lib.so

Summary				In	Importance	Status
	1226143	error while loading shared libraries: liburl_lib.so		chromium-browser (Ubuntu)	Undecided	Fix Released

Bug #1232575: chrome.extension not available when called from extension scripts in Chromium but works on Chrome

Summary				In	Importance	Status
	1232575	chrome.extension not available when called from extension scripts in Chromium but works on Chrome		chromium-browser (Ubuntu)	High	Fix Released
	1232575	chrome.extension not available when called from extension scripts in Chromium but works on Chrome		Chromium Browser	Unknown	Unknown

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2013-2920

References