CVE-2010-3417

Опубликовано: 16 сент. 2010

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

Ссылки

http://code.google.com/p/chromium/issues/detail?id=54006
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7371
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=54006
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7371
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 6.0.472.59 (исключая)

EPSS

Процентиль: 37%

0.00156

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2010-3417

ubuntu

больше 15 лет назад

Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

CVE-2010-3417

debian

больше 15 лет назад

Google Chrome before 6.0.472.59 does not prompt the user before granti ...

GHSA-f7qv-f82g-445f

github

больше 3 лет назад

Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

EPSS

Процентиль: 37%

0.00156

Низкий

5 Medium

CVSS2

Дефекты

CWE-200