[CVE-2011-2845] URL bar spoof in history handling (URL & SSL indicator Spoofing)

Titre: Google Chrome URL bar spoof in history handling (URL & SSL indicator Spoofing)

CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2845

Author: Security researcher Jordi Chancel

UPDATE Link: http://googlechromereleases.blogspot.fr/2011/10/chrome-stable-release.html

Description:

Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors.

Vidéo de démonstration :

Location Bar Spoofing Vulnerability with URL & SSL indicator Spoofing.

-Security Researcher Jordi Chancel