Cross-Browser Issue CVE-2019-11695: Custom cursor can render over user interface outside of web content
[CVE-2017-5041] Google Chrome Location Bar URL & SSL Spoofing in Omnibox
[Opera Security Advisory DNA-19280] Address bar spoofing with Data URIs
[CVE-2011-2845] URL bar spoof in history handling (URL & SSL indicator Spoofing)
Titre: Google Chrome URL bar spoof in history handling (URL & SSL indicator Spoofing)
CVE-ID: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2845
Author: Security researcher Jordi Chancel
UPDATE Link: http://googlechromereleases.blogspot.fr/2011/10/chrome-stable-release.html
Description:
Google Chrome before 15.0.874.102 does not properly handle history data, which allows user-assisted remote attackers to spoof the URL bar via unspecified vectors.
- Vidéo de démonstration :
Location Bar Spoofing Vulnerability with URL & SSL indicator Spoofing.
-Security Researcher Jordi Chancel