PT-2010-2408 · Google+1 · Google Chrome+1
Publicado
2010-02-18
·
Atualizado
2017-09-19
·
CVE-2010-0656
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
WebKit versions before r51295
Google Chrome versions before 4.0.249.78
Description
The issue allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document, by presenting a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory.
Recommendations
For WebKit versions before r51295, update to version r51295 or later.
For Google Chrome versions before 4.0.249.78, update to version 4.0.249.78 or later.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome
Webkit