New issue
Advanced search Search tips
Starred by 2 users

Issue metadata

Status: Duplicate
Merged: issue 51680
Owner: ----
Closed: Oct 2010
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug-Security

Restricted
  • Only users with Commit permission may comment.



Sign in to add a comment
link

Issue 54261: Possible Location Bar & SSL Spoofing

Reported by jconsult...@gmail.com, Sep 2 2010

Issue description

Chrome Version       : 6.0.472.53

Other browsers tested:
Add OK or FAIL after other browsers where you have tested this issue:
     Safari 4:FAIL
  Firefox 3.x:FAIL
         IE 7:FAIL
         IE 8:FAIL

What steps will reproduce the problem?
1. Open a new tab and go to https://www.alternativ-testing.fr/chromeSpoof56f4d654fd/index5.php
2. go to https://www.alternativ-testing.fr/chromeSpoof56f4d654fd/index5.php#test
3. Reload and Back

What is the expected result?
The location bar is Spoofed with valid SSL/TLS certificate.
 
spoof.png
107 KB View Download

Comment 1 by rsleevi@chromium.org, Oct 10 2010

Labels: -Area-Undefined Area-Internals Security
Flagging as security. Original links appear to be unavailable, more (non-technical) discussion at https://www.alternativ-testing.fr/blog/index.php?post/2010/Google-Chrome-Location-bar-Spoofing

Comment 2 by jsc...@chromium.org, Oct 10 2010

Labels: Restrict-View-SecurityTeam
Mergedinto: 51680
Status: Duplicate

Comment 3 by jsc...@chromium.org, Mar 21 2011

Labels: Type-Security

Comment 4 by bugdroid1@chromium.org, Oct 13 2012

Project Member
Labels: Restrict-AddIssueComment-Commit
Mergedinto: chromium:51680
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.

Comment 5 by bugdroid1@chromium.org, Mar 10 2013

Project Member
Labels: -Area-Internals -Type-Security Cr-Internals Type-Bug-Security

Comment 6 by bugdroid1@chromium.org, Mar 13 2013

Project Member
Labels: Restrict-View-EditIssue

Comment 7 by ClusterFuzz, Feb 6 2014

Project Member
Labels: -Restrict-View-SecurityTeam -Restrict-View-EditIssue
Bulk update: removing view restriction from closed bugs.

Comment 8 by mbarbe...@chromium.org, Oct 2 2016

Labels: allpublic

Sign in to add a comment