[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Same origin policy bypass vulnerability in Google Chrome via a crafted script (rpm)

ID: oval:org.secpod.oval:def:36782Date: (C)2016-08-22   (M)2022-03-23
Class: VULNERABILITYFamily: unix




The host is installed with Google Chrome before 1.0.154.46 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to handle a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame. Successful exploitation allows remote attackers to bypass same origin policy.

Platform:
Linux
Product:
Google Chrome
Reference:
CVE-2009-0276
CVE    1
CVE-2009-0276
CPE    14
cpe:/a:google:chrome:0.4.154.18
cpe:/a:google:chrome:1.0.154.39
cpe:/a:google:chrome:::x64
cpe:/a:google:chrome:::x86
...

© SecPod Technologies