[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2010-3115Date: (C)2010-08-24   (M)2024-02-09


Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECUNIA-41856
SECUNIA-43086
BID-44203
ADV-2010-2722
ADV-2011-0216
ADV-2011-0552
MDVSA-2011:039
RHSA-2011:0177
USN-1006-1
http://code.google.com/p/chromium/issues/detail?id=49964
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
oval:org.mitre.oval:def:11953

CPE    4
cpe:/a:google:chrome
cpe:/a:webkitgtk:webkitgtk
cpe:/o:canonical:ubuntu_linux:10.10
cpe:/o:canonical:ubuntu_linux:9.10
...
OVAL    12
oval:org.secpod.oval:def:17676
oval:org.secpod.oval:def:17675
oval:org.secpod.oval:def:17684
oval:org.secpod.oval:def:17683
...

© SecPod Technologies