PT-2009-2943 · Google · Google Chrome+1

Publicado

2009-02-03

Atualizado

2009-02-04

CVE-2009-0276

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 1.0.154.46

Description A cross-domain issue in the V8 JavaScript engine allows remote attackers to bypass the Same Origin Policy. This can be achieved via a crafted script that accesses another frame, potentially reading its full URL and other sensitive information, or modifying the URL of the frame.

Recommendations For versions prior to 1.0.154.46, update to version 1.0.154.46 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2009-0276

Produtos afetados

Google Chrome

V8 Javascript Engine

PT-2009-2943 · Google · Google Chrome+1

CVE-2009-0276

Identificadores relacionados

Produtos afetados

Referências · 6