Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-1767

Опубликовано: 24 сент. 2010
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.8

Описание

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.

РелизСтатусПримечание
dapper

DNE

devel

not-affected

6.0.472.63~r59945-0ubuntu1
hardy

DNE

jaunty

DNE

karmic

DNE

lucid

released

6.0.472.62~r59676-0ubuntu0.10.04.1
maverick

not-affected

6.0.472.63~r59945-0ubuntu1
natty

not-affected

6.0.472.63~r59945-0ubuntu1
oneiric

not-affected

6.0.472.63~r59945-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

not-affected

no webkit
devel

not-affected

4:4.7.0-0ubuntu2
hardy

not-affected

no webkit
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

ignored

end of life
maverick

not-affected

4:4.7.0-0ubuntu2
natty

not-affected

4:4.7.0-0ubuntu2
oneiric

not-affected

4:4.7.0-0ubuntu2
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

1.2.4-1ubuntu1
hardy

ignored

end of life
jaunty

ignored

end of life
karmic

released

1.2.5-0ubuntu0.9.10.1
lucid

not-affected

1.2.0-1
maverick

not-affected

1.2.4-1ubuntu1
natty

not-affected

1.2.4-1ubuntu1
oneiric

not-affected

1.2.4-1ubuntu1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 70%
0.00632
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2010-1767

nvd
больше 15 лет назад

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.

debian логотип

CVE-2010-1767

debian
больше 15 лет назад

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThre ...

github логотип

GHSA-2vwj-qg8g-pq5g

github
больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.

EPSS

Процентиль: 70%
0.00632
Низкий

6.8 Medium

CVSS2