Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-0885

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors.

Related bugs and status

CVE-2013-0885 (Candidate) is related to these bugs:

Bug #1132568: Please update to 25.0.1364.160

		In	Importance	Status
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu)	High	Fix Released
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu Lucid)	High	Fix Released
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu Oneiric)	High	Fix Released
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu Quantal)	High	Fix Released
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu Precise)	High	Fix Released
1132568	Please update to 25.0.1364.160	chromium-browser (Ubuntu Raring)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://googlechromerel...
CONFIRM: https://code.google.co...
SUSE: openSUSE-SU-2013:0454
OVAL: oval:org.mitre.oval:de...