{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T20:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "68677", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68677"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60372"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"}, {"name": "60061", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60061"}, {"name": "DSA-3039", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-3039"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://code.google.com/p/chromium/issues/detail?id=380885"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2014-3160", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "68677", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68677"}, {"name": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision", "refsource": "CONFIRM", "url": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision"}, {"name": "GLSA-201408-16", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60372"}, {"name": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"}, {"name": "60061", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60061"}, {"name": "DSA-3039", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-3039"}, {"name": "https://code.google.com/p/chromium/issues/detail?id=380885", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=380885"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:35:56.778Z"}, "title": "CVE Program Container", "references": [{"name": "68677", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/68677"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision"}, {"name": "GLSA-201408-16", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"name": "60372", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60372"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"}, {"name": "60061", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60061"}, {"name": "DSA-3039", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-3039"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://code.google.com/p/chromium/issues/detail?id=380885"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2014-3160", "datePublished": "2014-07-20T10:00:00", "dateReserved": "2014-05-03T00:00:00", "dateUpdated": "2024-08-06T10:35:56.778Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:36.0.1985.1:*:*:*:*:*:*:*", "matchCriteriaId": "034EBC36-A9CF-4606-A08F-7159AB86AFCE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.2:*:*:*:*:*:*:*", "matchCriteriaId": "BB5738B3-6465-4AF4-A7FA-103FED812F56", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.3:*:*:*:*:*:*:*", "matchCriteriaId": "188511A2-3516-4993-982D-923ECA1A4C25", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.4:*:*:*:*:*:*:*", "matchCriteriaId": "8CED7E89-3559-439D-8840-B68C01C8D5E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.5:*:*:*:*:*:*:*", "matchCriteriaId": "CDC37763-EB39-49BF-9DE8-1E1FE3278A0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.6:*:*:*:*:*:*:*", "matchCriteriaId": "E5FB6B01-3610-447D-8F80-BCF45AA8774A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.8:*:*:*:*:*:*:*", "matchCriteriaId": "C0BC651A-0811-46DB-B3E2-06574DFCEA77", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.12:*:*:*:*:*:*:*", "matchCriteriaId": "663584A3-7E9A-4A85-A6FD-139A4901CE0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.13:*:*:*:*:*:*:*", "matchCriteriaId": "C77F9F75-A405-48B0-B4B1-CBEA993EC127", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.14:*:*:*:*:*:*:*", "matchCriteriaId": "D8E0C87F-44BB-44E0-8D3B-90E77FA97923", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.15:*:*:*:*:*:*:*", "matchCriteriaId": "CF831B62-3FA4-4AAB-93C5-94C90E09C0D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.16:*:*:*:*:*:*:*", "matchCriteriaId": "23CE59C5-6330-4022-9071-D2B1F2C9743B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.17:*:*:*:*:*:*:*", "matchCriteriaId": "0E349413-FC94-4C7C-831B-AD19E660AAEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.18:*:*:*:*:*:*:*", "matchCriteriaId": "DFE28FF7-EACE-474F-8AB1-897C9515D8CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.19:*:*:*:*:*:*:*", "matchCriteriaId": "7411454F-7C8A-4ADB-8F1E-F24F38CC475B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.20:*:*:*:*:*:*:*", "matchCriteriaId": "C5E38BA8-A312-4374-BA95-095A6C581177", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.21:*:*:*:*:*:*:*", "matchCriteriaId": "2BCB94DC-B29A-4DE2-8DD7-8027144E9160", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.22:*:*:*:*:*:*:*", "matchCriteriaId": "289B4894-C04B-42B9-AF34-6F6C3283B92F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.23:*:*:*:*:*:*:*", "matchCriteriaId": "BAFFBA9E-7B85-498B-ABFC-C1E9FA3E7957", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.24:*:*:*:*:*:*:*", "matchCriteriaId": "4775EFA0-72D0-40C3-9C57-82719F1E787F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.25:*:*:*:*:*:*:*", "matchCriteriaId": "F1543632-8553-4B11-8C52-040D9B789D72", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.26:*:*:*:*:*:*:*", "matchCriteriaId": "BB77631C-E246-4297-A3DF-8C65C7764447", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.27:*:*:*:*:*:*:*", "matchCriteriaId": "3E4FD7BE-8EF5-4695-9FDE-56E0AEB537A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.28:*:*:*:*:*:*:*", "matchCriteriaId": "9D496614-D271-4BDB-9970-113DAD4BD831", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.29:*:*:*:*:*:*:*", "matchCriteriaId": "8636C621-F6A9-4AE7-BB02-0318BF1DD8B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.30:*:*:*:*:*:*:*", "matchCriteriaId": "FBCA4077-F5C9-43D2-9199-944C89633552", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.31:*:*:*:*:*:*:*", "matchCriteriaId": "DE15A42D-F019-4F64-8A0F-C0EAEFCF35E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.32:*:*:*:*:*:*:*", "matchCriteriaId": "3277E700-A60B-48A4-96D5-AE9A154EC3B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.33:*:*:*:*:*:*:*", "matchCriteriaId": "2C34880E-02B2-4FA2-A3CE-CD6B57870703", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.34:*:*:*:*:*:*:*", "matchCriteriaId": "122EBB89-8BB8-42EE-BD7E-BA8A6D78FCA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.35:*:*:*:*:*:*:*", "matchCriteriaId": "09CCBBF4-002D-4020-BF73-02FC4783014B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.36:*:*:*:*:*:*:*", "matchCriteriaId": "9341B2CC-90C5-403D-A6BD-C5D6CB668DF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.37:*:*:*:*:*:*:*", "matchCriteriaId": "BE485EA9-4E47-46E5-9E36-F023FA4552B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.38:*:*:*:*:*:*:*", "matchCriteriaId": "9C23AD90-B066-40AB-9015-CB27319F5DC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.39:*:*:*:*:*:*:*", "matchCriteriaId": "23BA1D89-E3F1-45A9-BDBE-116217FA564E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.40:*:*:*:*:*:*:*", "matchCriteriaId": "01BD5F1D-1BA1-4993-8A25-393D22229C43", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.41:*:*:*:*:*:*:*", "matchCriteriaId": "C18A686D-1176-45E1-8BB6-FBFD7EB8125D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.42:*:*:*:*:*:*:*", "matchCriteriaId": "E77A0160-6D9B-4F31-A3E9-326D47861BD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.43:*:*:*:*:*:*:*", "matchCriteriaId": "5D6BB6E3-50DD-49AF-BAD5-8D6B882EC8FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.44:*:*:*:*:*:*:*", "matchCriteriaId": "34110090-4076-4F54-B725-6E7FDF8B9AE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.45:*:*:*:*:*:*:*", "matchCriteriaId": "641A7CED-5A5B-4234-B457-7D25D9803798", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.46:*:*:*:*:*:*:*", "matchCriteriaId": "FB8D94F8-532B-442D-AF36-43ADAA29C3EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.47:*:*:*:*:*:*:*", "matchCriteriaId": "8A4CB7E6-F4C8-438B-8A0A-72725C4FAAA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.48:*:*:*:*:*:*:*", "matchCriteriaId": "336A4169-DE67-4F47-B48B-6FED2FF836BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.49:*:*:*:*:*:*:*", "matchCriteriaId": "D85A3544-3B3A-4C09-A5AD-19C76D50B543", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.50:*:*:*:*:*:*:*", "matchCriteriaId": "4275E418-3339-4DB8-B1D3-843E233475CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.51:*:*:*:*:*:*:*", "matchCriteriaId": "A9BFCF28-7B2E-4542-B10F-48E107944167", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.52:*:*:*:*:*:*:*", "matchCriteriaId": "C67843B6-5F11-43F2-AFA8-0525C52D4ACE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.53:*:*:*:*:*:*:*", "matchCriteriaId": "707F90CE-9315-4307-8FFD-86E2466731A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.54:*:*:*:*:*:*:*", "matchCriteriaId": "41D30577-22E1-48A4-A9F6-FA9AB1E3EEFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.55:*:*:*:*:*:*:*", "matchCriteriaId": "DBBA976C-1225-4BD3-B5AF-C56367B2675A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.56:*:*:*:*:*:*:*", "matchCriteriaId": "53D869C6-B72F-4CAB-A61E-2A339AA37BDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.57:*:*:*:*:*:*:*", "matchCriteriaId": "4A6FCCCE-2134-4FCC-8B69-1538D232CF8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.58:*:*:*:*:*:*:*", "matchCriteriaId": "8E63561C-7674-4261-89B6-9DAC97166BAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.59:*:*:*:*:*:*:*", "matchCriteriaId": "81797436-C14E-4D73-BCE8-D174F3AFD47F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.60:*:*:*:*:*:*:*", "matchCriteriaId": "8AB3BBF3-6667-4C1E-8A44-53BA9ADE390D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.61:*:*:*:*:*:*:*", "matchCriteriaId": "C9A52C40-FECD-4DFE-A6FF-5834201F2086", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.62:*:*:*:*:*:*:*", "matchCriteriaId": "AD6DEE24-CD3C-416D-9FA1-0A3284C7155E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.63:*:*:*:*:*:*:*", "matchCriteriaId": "EA359EE0-5047-4A22-B352-88FE56EC4A6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.64:*:*:*:*:*:*:*", "matchCriteriaId": "4ACB01CD-69F8-4133-B0C8-88C667AF77E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.65:*:*:*:*:*:*:*", "matchCriteriaId": "CEE6A128-59E6-4728-B5C6-4BF1813D4C40", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.66:*:*:*:*:*:*:*", "matchCriteriaId": "5E8D8C88-B0DC-40B6-9388-E175041D8E96", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.67:*:*:*:*:*:*:*", "matchCriteriaId": "3C96219D-2840-4C31-8C29-8763CF8EA1D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.68:*:*:*:*:*:*:*", "matchCriteriaId": "3286D039-6014-453E-8DE6-EF4EC041B3FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.69:*:*:*:*:*:*:*", "matchCriteriaId": "EB694F99-6E1E-46C5-BAB3-6319ADF4191D", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.70:*:*:*:*:*:*:*", "matchCriteriaId": "6B850799-6FA4-427A-B496-373AA97BE924", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.72:*:*:*:*:*:*:*", "matchCriteriaId": "8344CC6B-620A-4AAD-A3D7-D15254D91442", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.73:*:*:*:*:*:*:*", "matchCriteriaId": "39E26455-A7E4-4F7E-8C93-A98E531D3421", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.74:*:*:*:*:*:*:*", "matchCriteriaId": "BDB57BC3-53B7-41D6-8B2F-0621222D9CDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.75:*:*:*:*:*:*:*", "matchCriteriaId": "34067661-1C76-43AA-A448-B3598FE76420", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.76:*:*:*:*:*:*:*", "matchCriteriaId": "4E4ED68C-3156-4286-AF42-964A6BF5CCF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.77:*:*:*:*:*:*:*", "matchCriteriaId": "4C487E25-F043-4C84-ADEF-CBBF97A6C294", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.78:*:*:*:*:*:*:*", "matchCriteriaId": "F78FF9B8-C78F-4A1E-AFB3-46330E2A0EC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.79:*:*:*:*:*:*:*", "matchCriteriaId": "0CFBDA89-FB41-496C-A259-E3D0B034674B", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.81:*:*:*:*:*:*:*", "matchCriteriaId": "A6BF5998-676C-4E94-9020-26BD6D5D1780", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.82:*:*:*:*:*:*:*", "matchCriteriaId": "45E63B35-47C3-46B2-93F5-7564CF6D208F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.83:*:*:*:*:*:*:*", "matchCriteriaId": "9DD19170-FDD4-41CE-BD56-779A622DF181", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.84:*:*:*:*:*:*:*", "matchCriteriaId": "E06AD6A4-721C-427F-9B48-77F711DD93C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.85:*:*:*:*:*:*:*", "matchCriteriaId": "E8A4C658-D47B-4BC3-890B-CAE400487F9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.86:*:*:*:*:*:*:*", "matchCriteriaId": "16A6D8DE-1428-4B16-B331-02804A36CE38", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.87:*:*:*:*:*:*:*", "matchCriteriaId": "0110A1CE-FDDB-442D-8570-631C540E7893", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.88:*:*:*:*:*:*:*", "matchCriteriaId": "8913F802-16B1-413F-B506-CDD01EF45254", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.89:*:*:*:*:*:*:*", "matchCriteriaId": "00FC13E3-B987-4E96-8DE6-1F86C56D3421", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.90:*:*:*:*:*:*:*", "matchCriteriaId": "8723AA17-560B-4F5F-A2C3-22521C1A6DA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.91:*:*:*:*:*:*:*", "matchCriteriaId": "F18EDAA2-D781-4380-9B58-DB56950E5030", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.92:*:*:*:*:*:*:*", "matchCriteriaId": "CEF5627B-2ACD-4980-8706-EA6A44CACD4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.93:*:*:*:*:*:*:*", "matchCriteriaId": "161617EB-3319-4863-8455-3196A10768C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.94:*:*:*:*:*:*:*", "matchCriteriaId": "17D4849F-0D38-4883-90C0-92828EA45D37", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.95:*:*:*:*:*:*:*", "matchCriteriaId": "FA069046-D948-474A-BCAE-447B9149CA32", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.96:*:*:*:*:*:*:*", "matchCriteriaId": "CFA70EA7-79B2-4762-BF48-464E566D68F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.97:*:*:*:*:*:*:*", "matchCriteriaId": "0C41B757-007A-4EE6-B348-D1DD53EE0C3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.98:*:*:*:*:*:*:*", "matchCriteriaId": "8B21277A-265E-41B5-BA87-5EC59A37CB19", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.99:*:*:*:*:*:*:*", "matchCriteriaId": "92BB0B75-5563-456D-BC06-5C493F42EFA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.100:*:*:*:*:*:*:*", "matchCriteriaId": "F0267B12-C831-49FF-B09D-0F51D7480DF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.101:*:*:*:*:*:*:*", "matchCriteriaId": "00978DD0-CEF3-4544-BF55-154F1BFEE7A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.102:*:*:*:*:*:*:*", "matchCriteriaId": "35D70A8A-3962-4723-A313-8114F3A3D7CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.103:*:*:*:*:*:*:*", "matchCriteriaId": "8AE52C3A-9E56-4835-AC3B-02356F812805", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.104:*:*:*:*:*:*:*", "matchCriteriaId": "D43A19BA-BC19-4A01-B7F8-568753ACBD67", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.105:*:*:*:*:*:*:*", "matchCriteriaId": "4330A8C3-A9C7-4D20-B1E1-B050FE660BE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.106:*:*:*:*:*:*:*", "matchCriteriaId": "323B3255-DB94-41B2-AFED-12AA8A8B2EBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.122:*:*:*:*:*:*:*", "matchCriteriaId": "21AF0201-C7F6-4884-939F-81466F0F9FED", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.123:*:*:*:*:*:*:*", "matchCriteriaId": "266D9AD9-7256-4627-89A1-0DA3389A19CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:google:chrome:36.0.1985.124:*:*:*:*:*:*:*", "matchCriteriaId": "02C1BF3E-264A-4809-87BE-6A00F041DBCE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ResourceFetcher::canRequest function in core/fetch/ResourceFetcher.cpp in Blink, as used in Google Chrome before 36.0.1985.125, does not properly restrict subresource requests associated with SVG files, which allows remote attackers to bypass the Same Origin Policy via a crafted file."}, {"lang": "es", "value": "La funci\u00f3n ResourceFetcher::canRequest en core/fetch/ResourceFetcher.cpp en Blink, utilizado en Google Chrome anterior a 36.0.1985.125, no restringe debidamente las solicitudes de subrecursos asociados con ficheros SVG, lo que permite a atacantes remotos evadir Same Origin Policy a trav\u00e9s de un fichero manipulado."}], "id": "CVE-2014-3160", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-20T11:12:50.243", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/60061"}, {"source": "chrome-cve-admin@google.com", "url": "http://secunia.com/advisories/60372"}, {"source": "chrome-cve-admin@google.com", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2014/dsa-3039"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.securityfocus.com/bid/68677"}, {"source": "chrome-cve-admin@google.com", "url": "https://code.google.com/p/chromium/issues/detail?id=380885"}, {"source": "chrome-cve-admin@google.com", "url": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60061"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60372"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-3039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/68677"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=380885"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://src.chromium.org/viewvc/blink?revision=176084&view=revision"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}