CVE-2010-3115

Sažetak

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

Reference

http://code.google.com/p/chromium/issues/detail?id=49964
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
http://secunia.com/advisories/41856
http://secunia.com/advisories/43086
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://www.securityfocus.com/bid/44203
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0216
http://www.vupen.com/english/advisories/2011/0552
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11953

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

04-08-2020 - 16:37

Objavljeno

24-08-2010 - 20:00