New issue
Advanced search Search tips

Issue 636328 link

Starred by 1 user
Status: Duplicate
Merged: issue 149873
Owner: ----
Closed: Aug 2016
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug-Security



Sign in to add a comment

Security: Address Bar Spoofing in Chrome 54.0.2823.0

Reported by martinzh...@gmail.com, Aug 10 2016 
UserAgent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2823.0 Safari/537.36

Steps to reproduce the problem:
1. Open the attached file drag_spoof_poc.htm
2. Drag the words 'DRAG ME TO Omnibox' to the address bar
3. Then the spoofed pages will be shown

What is the expected behavior?

What went wrong?
The attackers could spoof the Address bar through this vulnerability. The address bar changes before the full web page has been loaded.

Affected Version:
54.0.2823.0 canary (64-bit)
52.0.2743.116 m (64-bit)

Did this work before? N/A 

Chrome version: 54.0.2823.0  Channel: n/a
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 22.0 r0
drag_spoof_poc.htm
565 bytes View Download
PoC.png
47.8 KB View Download

Comment 1 by martinzh...@gmail.com, Aug 10 2016 

The HTTPS protocol in the address bar could also be spoofed.
drag_spoof_https_poc.htm
545 bytes View Download

Comment 2 by och...@chromium.org, Aug 10 2016

Labels: -Restrict-View-SecurityTeam
Mergedinto: 149873
Status: Duplicate (was: Unconfirmed)
This is  bug 149873 .
Project Member

Comment 3 by sheriffbot@chromium.org, Nov 17 2016

Labels: allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment