CVE-2013-6166

Publication date 15 February 2014

Last updated 24 July 2024

Google Chrome before 29 sends HTTP Cookie headers without first validating that they have the required character-set restrictions, which allows remote attackers to conduct the equivalent of a persistent Logout CSRF attack via a crafted parameter that forces a web application to set a malformed cookie within an HTTP response.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
chromium-browser	13.10 saucy	Fixed 31.0.1650.63-0ubuntu0.13.10.1~20131204.1
	13.04 raring	Fixed 31.0.1650.63-0ubuntu0.13.04.1~20131204.1
	12.10 quantal	Fixed 31.0.1650.63-0ubuntu0.12.10.1~20131204.1
	12.04 LTS precise	Fixed 31.0.1650.63-0ubuntu0.12.04.1~20131204.1
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://www.openwall.com/lists/oss-security/2013/04/03/10
http://www.openwall.com/lists/oss-security/2013/10/17/2
http://redmine.lighttpd.net/issues/2188
https://code.google.com/p/chromium/issues/detail?id=238041
https://www.cve.org/CVERecord?id=CVE-2013-6166