CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
78.7%
Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct “profile spamming” attacks via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
chrome | * | cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | |
chrome | 6.0.454.0 | cpe:2.3:a:google:chrome:6.0.454.0:*:*:*:*:*:*:* | |
chrome | 6.0.455.0 | cpe:2.3:a:google:chrome:6.0.455.0:*:*:*:*:*:*:* | |
chrome | 6.0.456.0 | cpe:2.3:a:google:chrome:6.0.456.0:*:*:*:*:*:*:* | |
chrome | 6.0.457.0 | cpe:2.3:a:google:chrome:6.0.457.0:*:*:*:*:*:*:* | |
chrome | 6.0.458.0 | cpe:2.3:a:google:chrome:6.0.458.0:*:*:*:*:*:*:* | |
chrome | 6.0.458.1 | cpe:2.3:a:google:chrome:6.0.458.1:*:*:*:*:*:*:* | |
chrome | 6.0.458.2 | cpe:2.3:a:google:chrome:6.0.458.2:*:*:*:*:*:*:* | |
chrome | 6.0.459.0 | cpe:2.3:a:google:chrome:6.0.459.0:*:*:*:*:*:*:* | |
chrome | 6.0.460.0 | cpe:2.3:a:google:chrome:6.0.460.0:*:*:*:*:*:*:* |
code.google.com/p/chromium/issues/detail?id=48225
code.google.com/p/chromium/issues/detail?id=51727
googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
secunia.com/advisories/41888
www.securityfocus.com/bid/44241
www.vupen.com/english/advisories/2010/2731
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7159