Google Chrome information leakage (CVE-2014-3166)

Google Chrome information leakage (CVE-2014-3166)

Release date:
Updated on:

Affected Systems:
Google Chrome <36.0.1985.143
Description:
--------------------------------------------------------------------------------
Bugtraq id: 69202
CVE (CAN) ID: CVE-2014-3166
 
Google Chrome is a Web browser tool developed by Google.
 
In versions earlier than Chrome 36.0.1985.143, a security vulnerability exists in the implementation of PKP. The SPDY connection attribute is not properly considered. Remote attackers can exploit this vulnerability to obtain sensitive information through multiple domain names.
 
<* Source: Antoine Delignat-Lavaud
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Google
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
 
Http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html
Https://src.chromium.org/viewvc/chrome? Revision = 288435 & view = revision
Https://code.google.com/p/chromium/issues/detail? Id = 398925
Http://googlechromereleases.blogspot.com/2014/08/chrome-for-android-update.html

Install Google Chrome in Ubuntu 14.04 LTS

Solution to Chrome dependency installation in Ubuntu 13.04

Install Chrome in openSUSE

Install Google Chrome 35 Beta for Linux Users

Install Google Chrome in CentOS 6.x

Chrome details: click here
Chrome: click here

This article permanently updates the link address: