CVE-2010-1767

Опубликовано: 24 сент. 2010

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 4.1.249.1058 (включая)

cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.25:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:3.0.195.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.212.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.212.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.221.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.222.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.222.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.222.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.222.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.223.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.224.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.229.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.235.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.236.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.237.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.237.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.239.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.240.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.241.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.242.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.243.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.244.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.245.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.245.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.246.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.247.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.248.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.4:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.5:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.6:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.7:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.8:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.9:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.10:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.11:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.12:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.14:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.16:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.17:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.18:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.19:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.20:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.21:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.22:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.23:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.24:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.25:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.26:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.27:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.28:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.29:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.30:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.31:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.32:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.33:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.34:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.35:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.36:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.37:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.38:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.39:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.40:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.41:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.42:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.43:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.44:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.45:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.46:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.47:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.48:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.49:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.50:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.51:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.52:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.53:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.54:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.55:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.56:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.57:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.58:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.59:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.61:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.62:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.63:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.64:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.65:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.66:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.67:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.68:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.69:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.70:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.71:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.72:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.73:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.74:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.75:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.76:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.77:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.78:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.78:beta:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.79:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.80:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.81:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.82:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.249.89:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.250.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.250.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.251.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.252.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.254.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.255.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.256.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.257.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.258.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.259.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.260.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.261.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.262.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.263.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.264.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.265.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.266.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.267.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.268.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.269.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.271.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.272.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.275.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.275.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.276.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.277.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.278.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.286.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.287.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.288.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.288.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.289.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.290.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.292.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.294.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.295.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.296.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.299.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.300.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.301.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.302.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.302.1:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.302.2:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.302.3:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.303.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.304.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.0.305.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.0:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1001:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1004:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1006:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1007:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1008:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1009:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1010:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1011:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1012:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1013:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1014:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1015:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1016:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1017:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1018:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1019:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1020:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1021:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1022:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1023:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1024:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1025:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1026:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1027:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1028:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1029:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1030:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1031:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1032:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1033:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1034:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1035:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1036:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1042:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1045:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1046:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1047:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1048:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1049:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1050:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1051:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1052:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1053:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1054:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1055:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1056:*:*:*:*:*:*:*

cpe:2.3:a:google:chrome:4.1.249.1057:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00632

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

CVE-2010-1767

ubuntu

больше 15 лет назад

CVE-2010-1767

debian

больше 15 лет назад

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThre ...

GHSA-2vwj-qg8g-pq5g

github

больше 3 лет назад

EPSS

Процентиль: 70%

0.00632

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352