PT-2010-2106 · Google · Google Chrome
Cesar Cerrudo · Published 2010-01-14 · Updated 2017-09-19
CVE-2010-0315
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
WebKit versions before r53607
Google Chrome versions before 4.0.249.89
Description
The issue allows remote attackers to discover a redirect's target URL for a specific user's session on a web site. This is achieved by placing the site's URL in the HREF attribute of a stylesheet LINK element within an IFRAME element, and then reading the document.styleSheets[0].href property value.
Recommendations
For WebKit versions before r53607, update to version r53607 or later.
For Google Chrome versions before 4.0.249.89, update to version 4.0.249.89 or later.
Affected products
Google Chrome
WebKit