CVE-2009-2352
Google Chrome 0.3.154 - 'JavaScript:' URI in 'Refresh' Header Cross-Site Scripting
Severity Score
6.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected.
Chrome de Google versiones 1.0.154.48 y anteriores, no bloquea los URI javascript: en encabezados Refresh en respuestas HTTP, que permite a los atacantes remotos conducir ataques de tipo cross-site scripting (XSS) por medio de vectores relacionados con (1) inyectar un encabezado Refresh o ( 2) especificar el contenido de un encabezado Refresh, este es un problema relacionado con el CVE-2009-1312. NOTA: más tarde se reportó que las versiones 2.0.172.28, 2.0.172.37 y 3.0.193.2 Beta también están afectadas.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-06-03 First Exploit
- 2009-07-07 CVE Reserved
- 2009-07-07 CVE Published
- 2024-08-07 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://websecurity.com.ua/3275 | X_refsource_misc | |
| http://websecurity.com.ua/3386 | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/504718/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/504723/100/0/threaded | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/33064 | 2009-06-03 | |
| http://www.securityfocus.com/bid/35572 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 1.0.154.48 Search vendor "Google" for product "Chrome" and version " <= 1.0.154.48" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.149.29 Search vendor "Google" for product "Chrome" and version "0.2.149.29" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.149.30 Search vendor "Google" for product "Chrome" and version "0.2.149.30" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.152.1 Search vendor "Google" for product "Chrome" and version "0.2.152.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.153.1 Search vendor "Google" for product "Chrome" and version "0.2.153.1" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.3.154.0 Search vendor "Google" for product "Chrome" and version "0.3.154.0" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.3.154.3 Search vendor "Google" for product "Chrome" and version "0.3.154.3" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.18 Search vendor "Google" for product "Chrome" and version "0.4.154.18" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.22 Search vendor "Google" for product "Chrome" and version "0.4.154.22" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.31 Search vendor "Google" for product "Chrome" and version "0.4.154.31" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.33 Search vendor "Google" for product "Chrome" and version "0.4.154.33" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.36 Search vendor "Google" for product "Chrome" and version "1.0.154.36" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.39 Search vendor "Google" for product "Chrome" and version "1.0.154.39" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.42 Search vendor "Google" for product "Chrome" and version "1.0.154.42" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.43 Search vendor "Google" for product "Chrome" and version "1.0.154.43" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.46 Search vendor "Google" for product "Chrome" and version "1.0.154.46" | - |
Affected
| ||||||