PT-2012-47: Information disclosure in Google Chrome on Android
Google Chrome on Android
Version: 18.0.1025123 and earlier
Severity level: Medium
Impact: Information disclosure
Access Vector: Remote
Base Score: 5.0
Google Chrome is a web browser for Android.
The specialists of the Positive Research center have detected "Information disclosure " vulnerability in Google Chrome on Android.
Google Chrome on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data.
How to fix
Update your software up to the latest version
20.07.2012 - Vendor is notified
20.07.2012 - Vendor gets vulnerability details
12.09.2012 - Vendor releases fixed version and details
21.09.2012 - Public disclosure
The vulnerability has discovered by Artem Chaykin, Positive Research Center (Positive Technologies Company)
Reports on the vulnerabilities previously discovered by Positive Research: