CVE-2010-0650

Опубликовано: 18 фев. 2010

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

Ссылки

http://code.google.com/p/chromium/issues/detail?id=3275
Exploit
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/41856
Third Party Advisory
http://secunia.com/advisories/43068
Third Party Advisory
http://securitytracker.com/id?1023506
Third Party Advisory
VDB Entry
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
Third Party Advisory
http://www.securityfocus.com/bid/38373
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1006-1
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552
Third Party Advisory
https://bugs.webkit.org/show_bug.cgi?id=21501
Permissions Required
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=3275
Exploit
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Mailing List
Third Party Advisory
http://secunia.com/advisories/41856
Third Party Advisory
http://secunia.com/advisories/43068
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 4.0.249.78 (исключая)

Конфигурация 2

cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01571

Низкий

2.6 Low

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2010-0650

ubuntu

почти 16 лет назад

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

CVE-2010-0650

redhat

около 17 лет назад

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

CVE-2010-0650

debian

почти 16 лет назад

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, a ...

GHSA-3hxx-7wff-xwh8

github

больше 3 лет назад

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

EPSS

Процентиль: 81%

0.01571

Низкий

2.6 Low

CVSS2

Дефекты

CWE-264