CVE-2010-3118

Опубликовано: 24 авг. 2010

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature.

Ссылки

http://code.google.com/p/chromium/issues/detail?id=51146
Exploit
Issue Tracking
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11839
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=51146
Exploit
Issue Tracking
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11839
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 5.0.375.127 (исключая)

EPSS

Процентиль: 45%

0.00227

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2010-3118

ubuntu

больше 15 лет назад

CVE-2010-3118

debian

больше 15 лет назад

The autosuggest feature in the Omnibox implementation in Google Chrome ...

GHSA-q72h-v39f-h6r6

github

больше 3 лет назад

EPSS

Процентиль: 45%

0.00227

Низкий

5 Medium

CVSS2

Дефекты

CWE-200