The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote attackers to spoof the URL in the Omnibox via unspecified vectors.
2014-07-20T11:12:50.197
2025-04-12T10:46:40.837
Deferred
CVSSv2: 6.4 (MEDIUM)
AV:N/AC:L/Au:N/C:P/I:P/A:N
10.0
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | chrome | ≤ 36.0.1985.106 | Yes | |
| Application | chrome | 36.0.1985.1 | Yes | |
| Application | chrome | 36.0.1985.2 | Yes | |
| Application | chrome | 36.0.1985.3 | Yes | |
| Application | chrome | 36.0.1985.4 | Yes | |
| Application | chrome | 36.0.1985.5 | Yes | |
| Application | chrome | 36.0.1985.6 | Yes | |
| Application | chrome | 36.0.1985.8 | Yes | |
| Application | chrome | 36.0.1985.12 | Yes | |
| Application | chrome | 36.0.1985.13 | Yes | |
| Application | chrome | 36.0.1985.14 | Yes | |
| Application | chrome | 36.0.1985.15 | Yes | |
| Application | chrome | 36.0.1985.16 | Yes | |
| Application | chrome | 36.0.1985.17 | Yes | |
| Application | chrome | 36.0.1985.18 | Yes | |
| Application | chrome | 36.0.1985.19 | Yes | |
| Application | chrome | 36.0.1985.20 | Yes | |
| Application | chrome | 36.0.1985.21 | Yes | |
| Application | chrome | 36.0.1985.22 | Yes | |
| Application | chrome | 36.0.1985.23 | Yes | |
| Application | chrome | 36.0.1985.24 | Yes | |
| Application | chrome | 36.0.1985.25 | Yes | |
| Application | chrome | 36.0.1985.26 | Yes | |
| Application | chrome | 36.0.1985.27 | Yes | |
| Application | chrome | 36.0.1985.28 | Yes | |
| Application | chrome | 36.0.1985.29 | Yes | |
| Application | chrome | 36.0.1985.30 | Yes | |
| Application | chrome | 36.0.1985.31 | Yes | |
| Application | chrome | 36.0.1985.32 | Yes | |
| Application | chrome | 36.0.1985.33 | Yes | |
| Application | chrome | 36.0.1985.34 | Yes | |
| Application | chrome | 36.0.1985.35 | Yes | |
| Application | chrome | 36.0.1985.36 | Yes | |
| Application | chrome | 36.0.1985.37 | Yes | |
| Application | chrome | 36.0.1985.38 | Yes | |
| Application | chrome | 36.0.1985.39 | Yes | |
| Application | chrome | 36.0.1985.40 | Yes | |
| Application | chrome | 36.0.1985.41 | Yes | |
| Application | chrome | 36.0.1985.42 | Yes | |
| Application | chrome | 36.0.1985.43 | Yes | |
| Application | chrome | 36.0.1985.44 | Yes | |
| Application | chrome | 36.0.1985.45 | Yes | |
| Application | chrome | 36.0.1985.46 | Yes | |
| Application | chrome | 36.0.1985.47 | Yes | |
| Application | chrome | 36.0.1985.48 | Yes | |
| Application | chrome | 36.0.1985.49 | Yes | |
| Application | chrome | 36.0.1985.50 | Yes | |
| Application | chrome | 36.0.1985.51 | Yes | |
| Application | chrome | 36.0.1985.52 | Yes | |
| Application | chrome | 36.0.1985.53 | Yes | |
| Application | chrome | 36.0.1985.54 | Yes | |
| Application | chrome | 36.0.1985.55 | Yes | |
| Application | chrome | 36.0.1985.56 | Yes | |
| Application | chrome | 36.0.1985.57 | Yes | |
| Application | chrome | 36.0.1985.58 | Yes | |
| Application | chrome | 36.0.1985.59 | Yes | |
| Application | chrome | 36.0.1985.60 | Yes | |
| Application | chrome | 36.0.1985.61 | Yes | |
| Application | chrome | 36.0.1985.62 | Yes | |
| Application | chrome | 36.0.1985.63 | Yes | |
| Application | chrome | 36.0.1985.64 | Yes | |
| Application | chrome | 36.0.1985.65 | Yes | |
| Application | chrome | 36.0.1985.66 | Yes | |
| Application | chrome | 36.0.1985.67 | Yes | |
| Application | chrome | 36.0.1985.68 | Yes | |
| Application | chrome | 36.0.1985.69 | Yes | |
| Application | chrome | 36.0.1985.70 | Yes | |
| Application | chrome | 36.0.1985.72 | Yes | |
| Application | chrome | 36.0.1985.73 | Yes | |
| Application | chrome | 36.0.1985.74 | Yes | |
| Application | chrome | 36.0.1985.75 | Yes | |
| Application | chrome | 36.0.1985.76 | Yes | |
| Application | chrome | 36.0.1985.77 | Yes | |
| Application | chrome | 36.0.1985.78 | Yes | |
| Application | chrome | 36.0.1985.79 | Yes | |
| Application | chrome | 36.0.1985.81 | Yes | |
| Application | chrome | 36.0.1985.82 | Yes | |
| Application | chrome | 36.0.1985.83 | Yes | |
| Application | chrome | 36.0.1985.84 | Yes | |
| Application | chrome | 36.0.1985.85 | Yes | |
| Application | chrome | 36.0.1985.86 | Yes | |
| Application | chrome | 36.0.1985.87 | Yes | |
| Application | chrome | 36.0.1985.88 | Yes | |
| Application | chrome | 36.0.1985.89 | Yes | |
| Application | chrome | 36.0.1985.90 | Yes | |
| Application | chrome | 36.0.1985.91 | Yes | |
| Application | chrome | 36.0.1985.92 | Yes | |
| Application | chrome | 36.0.1985.93 | Yes | |
| Application | chrome | 36.0.1985.94 | Yes | |
| Application | chrome | 36.0.1985.95 | Yes | |
| Application | chrome | 36.0.1985.96 | Yes | |
| Application | chrome | 36.0.1985.97 | Yes | |
| Application | chrome | 36.0.1985.98 | Yes | |
| Application | chrome | 36.0.1985.99 | Yes | |
| Application | chrome | 36.0.1985.100 | Yes | |
| Application | chrome | 36.0.1985.101 | Yes | |
| Application | chrome | 36.0.1985.102 | Yes | |
| Application | chrome | 36.0.1985.103 | Yes | |
| Application | chrome | 36.0.1985.104 | Yes | |
| Application | chrome | 36.0.1985.105 | Yes | |
| Operating System | android | * | No |