Improper Trust Determination in Google Chrome Allows for Phishing Attacks

Improper Trust Determination in Google Chrome Allows for Phishing Attacks

CVE-2013-2879 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer process can be considered a trusted process for sign-in and subsequent sync operations, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site.

Learn more about our Cis Benchmark Audit For Google Chrome.