Описание
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 20.0.1132.42 (включая)
Одно из
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.4:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.5:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.6:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.7:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.9:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.10:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.11:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.12:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.13:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.14:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.15:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.16:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.17:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.19:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.20:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.23:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.25:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.26:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.34:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.35:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.37:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.40:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:20.0.1132.41:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00589
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
ubuntu
больше 13 лет назад
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
debian
больше 13 лет назад
Google Chrome before 20.0.1132.43 allows remote attackers to obtain po ...
github
больше 3 лет назад
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain.
EPSS
Процентиль: 69%
0.00589
Низкий
5 Medium
CVSS2
Дефекты
CWE-200