
Issue 847030


Issue metadata

Status: Duplicate
Merged: issue 149873
Owner: ----
Closed: May 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security




Security: Dragging and dropping URLs leads to address bar spoofing (CVE-2017-5417)

Reported by vladimir...@gmail.com, May 26 2018

Issue description

VULNERABILITY DETAILS

CVE-2017-5417 ("Dragging and dropping URLs leads to address bar spoofing") is reproducible in Chrome.
Link to bug in mozilla bug tracker: https://bugzilla.mozilla.org/show_bug.cgi?id=791597

VERSION
Chrome Version: 66.0.3359.181 stable
Operating System: OS X 10.13.4

REPRODUCTION CASE

There is a PoC from the Mozilla bug tracker: http://lcamtuf.coredump.cx/urldrag/ that is attached to this report.

According to the PoC, the page shows a hidden layout block in the `onbeforeunload` hook during navigation to an inaccessible address (accounts.google.com:1234).

 
Attachment: exploit.html (792 bytes)
Related: Issue 698156
Components: UI>Browser>Omnibox
Labels: Security_Impact-Stable
This is an exact duplicate of Issue 149873, in which it was decided not to do anything.

(Having said that, visually the spoof is pretty good, although the user-interaction requirement is rather unrealistic.)

Comment 3 by mea...@chromium.org, May 30 2018

Labels: -Restrict-View-SecurityTeam allpublic
Mergedinto: 149873
Status: Duplicate (was: Unconfirmed)
