Improper Trust Determination in Google Chrome Allows for Phishing Attacks
CVE-2013-2879 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:N
Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.
Learn more about our Cis Benchmark Audit For Google Chrome.