CVE-2010-3115 Information
Description
Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 does not properly implement the history feature which might allow remote attackers to spoof the address bar via unspecified vectors.
Reference
http://code.google.com/p/chromium/issues/detail?id=49964 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44203 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0216 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11953
Share on: