CVE-2013-2876 Information

Description

browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enforce restrictions on the capture of screenshots by extensions which allows remote attackers to obtain sensitive information about the content of a previous page via vectors involving an interstitial page.

Reference

http://git.chromium.org/gitweb/?p=chromium/chromium.git;a=commit;h=ac41418e77bf9d82a6e7875c504fad5fd2ba1f7f http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html http://www.debian.org/security/2013/dsa-2724 https://code.google.com/p/chromium/issues/detail?id=229504 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A17350