CVE-2014-1726

Published: 09 April 2014

The drag implementation in Google Chrome before 34.0.1847.116 allows user-assisted remote attackers to bypass the Same Origin Policy and forge local pathnames by leveraging renderer access.

Priority

Medium

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (34.0.1847.116)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected [34.0.1847.116-0ubuntu2])
oxide-qt
Launchpad, Ubuntu, Debian
Upstream Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)