// For flags

CVE-2009-0276

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame.

Vulnerabilidad de dominio cruzado en la V8 del motor JavaScript en Google Chrome anterior a 1.0.154.46, permite a atacantes remotos evitar la Política del Mismo Origen (Same Origin Policy) a través de una secuencia de comandos que accede a otro marco (frame) y lee su URL completa y probablemente otra información sensible, o modifica la URL de ese marco (frame).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2009-01-26 CVE Reserved
  • 2009-02-03 CVE Published
  • 2024-09-17 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
<= 1.0.154.43
Search vendor "Google" for product "Chrome" and version " <= 1.0.154.43"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.2.152.1
Search vendor "Google" for product "Chrome" and version "0.2.152.1"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.2.153.1
Search vendor "Google" for product "Chrome" and version "0.2.153.1"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.3.154.0
Search vendor "Google" for product "Chrome" and version "0.3.154.0"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.3.154.3
Search vendor "Google" for product "Chrome" and version "0.3.154.3"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.4.154.18
Search vendor "Google" for product "Chrome" and version "0.4.154.18"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.4.154.22
Search vendor "Google" for product "Chrome" and version "0.4.154.22"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.4.154.31
Search vendor "Google" for product "Chrome" and version "0.4.154.31"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
0.4.154.33
Search vendor "Google" for product "Chrome" and version "0.4.154.33"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
1.0.154.36
Search vendor "Google" for product "Chrome" and version "1.0.154.36"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
1.0.154.39
Search vendor "Google" for product "Chrome" and version "1.0.154.39"
-
Affected
Google
Search vendor "Google"
Chrome
Search vendor "Google" for product "Chrome"
1.0.154.42
Search vendor "Google" for product "Chrome" and version "1.0.154.42"
-
Affected