Google Chrome HTTPS Address Bar Spoofing

From: ACROS Security Lists <>
Subject: Google Chrome HTTPS Address Bar Spoofing

Google awarded one of our security researchers a Chromium Security Reward for an
HTTPS address bar spoofing bug in Chrome 14 and 15 (although it may be present in
older versions too). The bug was fixed in Chrome 16, most browsers seem to be updated
and we're happy to share technical details with the research community.


Enjoy the reading!

Mitja Kolsek, CEO

ACROS, d.o.o.
Makedonska ulica 113, SI - 2000 Maribor, Slovenia
Tel +386.2.3000.280  Fax +386.2.3000.282
Blg  Twt @acrossecurity

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do

Copyright © 1995-2020 All rights reserved.