CVE-2010-0315
Google Chrome 3.0 - Style Sheet redirection Information Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
WebKit anterior a versión r53607, tal como es usado en Chrome de Google anterior a versión 4.0.249.89, permite a los atacantes remotos detectar la URL de destino de redireccionamiento, para la sesión de un usuario específico de un sitio web, mediante la colocación de la URL del sitio en el atributo HREF de un elemento LINK de hoja de estilos y, a continuación, leer el valor de la propiedad document.styleSheets[0].href, relacionado con un elemento IFRAME.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-01-14 CVE Reserved
- 2010-01-14 CVE Published
- 2010-01-22 First Exploit
- 2024-06-02 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (17)
URL | Tag | Source |
---|---|---|
http://code.google.com/p/chromium/issues/detail?id=32309 | X_refsource_confirm | |
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html | X_refsource_confirm | |
http://securitytracker.com/id?1023583 | Vdb Entry | |
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs | X_refsource_confirm | |
http://trac.webkit.org/changeset/53607 | X_refsource_confirm | |
http://www.securityfocus.com/bid/38177 | Vdb Entry | |
https://bugs.webkit.org/show_bug.cgi?id=33683 | X_refsource_confirm | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/55683 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/56215 | Vdb Entry | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14452 | Signature |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/33562 | 2010-01-22 | |
http://nomoreroot.blogspot.com/2010/01/little-bug-in-safari-and-google-chrome.html | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html | 2017-09-19 | |
http://secunia.com/advisories/38545 | 2017-09-19 | |
http://secunia.com/advisories/43068 | 2017-09-19 | |
http://www.vupen.com/english/advisories/2010/0361 | 2017-09-19 | |
http://www.vupen.com/english/advisories/2011/0212 | 2017-09-19 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 4.0.249.78 Search vendor "Google" for product "Chrome" and version " <= 4.0.249.78" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.149.27 Search vendor "Google" for product "Chrome" and version "0.2.149.27" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.149.29 Search vendor "Google" for product "Chrome" and version "0.2.149.29" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.149.30 Search vendor "Google" for product "Chrome" and version "0.2.149.30" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.152.1 Search vendor "Google" for product "Chrome" and version "0.2.152.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.2.153.1 Search vendor "Google" for product "Chrome" and version "0.2.153.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.3.154.0 Search vendor "Google" for product "Chrome" and version "0.3.154.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.3.154.3 Search vendor "Google" for product "Chrome" and version "0.3.154.3" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.18 Search vendor "Google" for product "Chrome" and version "0.4.154.18" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.22 Search vendor "Google" for product "Chrome" and version "0.4.154.22" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.31 Search vendor "Google" for product "Chrome" and version "0.4.154.31" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 0.4.154.33 Search vendor "Google" for product "Chrome" and version "0.4.154.33" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.36 Search vendor "Google" for product "Chrome" and version "1.0.154.36" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.39 Search vendor "Google" for product "Chrome" and version "1.0.154.39" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.42 Search vendor "Google" for product "Chrome" and version "1.0.154.42" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.43 Search vendor "Google" for product "Chrome" and version "1.0.154.43" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.46 Search vendor "Google" for product "Chrome" and version "1.0.154.46" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.48 Search vendor "Google" for product "Chrome" and version "1.0.154.48" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.52 Search vendor "Google" for product "Chrome" and version "1.0.154.52" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.53 Search vendor "Google" for product "Chrome" and version "1.0.154.53" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.59 Search vendor "Google" for product "Chrome" and version "1.0.154.59" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 1.0.154.65 Search vendor "Google" for product "Chrome" and version "1.0.154.65" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.156.1 Search vendor "Google" for product "Chrome" and version "2.0.156.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.157.0 Search vendor "Google" for product "Chrome" and version "2.0.157.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.157.2 Search vendor "Google" for product "Chrome" and version "2.0.157.2" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.158.0 Search vendor "Google" for product "Chrome" and version "2.0.158.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.159.0 Search vendor "Google" for product "Chrome" and version "2.0.159.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.169.0 Search vendor "Google" for product "Chrome" and version "2.0.169.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.169.1 Search vendor "Google" for product "Chrome" and version "2.0.169.1" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.170.0 Search vendor "Google" for product "Chrome" and version "2.0.170.0" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172 Search vendor "Google" for product "Chrome" and version "2.0.172" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.2 Search vendor "Google" for product "Chrome" and version "2.0.172.2" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.8 Search vendor "Google" for product "Chrome" and version "2.0.172.8" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.27 Search vendor "Google" for product "Chrome" and version "2.0.172.27" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.28 Search vendor "Google" for product "Chrome" and version "2.0.172.28" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.30 Search vendor "Google" for product "Chrome" and version "2.0.172.30" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.31 Search vendor "Google" for product "Chrome" and version "2.0.172.31" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.33 Search vendor "Google" for product "Chrome" and version "2.0.172.33" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.37 Search vendor "Google" for product "Chrome" and version "2.0.172.37" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 2.0.172.38 Search vendor "Google" for product "Chrome" and version "2.0.172.38" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.182.2 Search vendor "Google" for product "Chrome" and version "3.0.182.2" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.190.2 Search vendor "Google" for product "Chrome" and version "3.0.190.2" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.193.2 Search vendor "Google" for product "Chrome" and version "3.0.193.2" | beta |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.195.21 Search vendor "Google" for product "Chrome" and version "3.0.195.21" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.195.24 Search vendor "Google" for product "Chrome" and version "3.0.195.24" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.195.32 Search vendor "Google" for product "Chrome" and version "3.0.195.32" | - |
Affected
| ||||||
Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | 3.0.195.33 Search vendor "Google" for product "Chrome" and version "3.0.195.33" | - |
Affected
|