2013-07-10 10:00:00
Chrome
PUBLISHED
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by rnrn (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.