Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-7294HistoryAug 09, 2011 - 7:55 p.m.
CVE-2008-7294
2011-08-0919:55:00
Debian Security Bug Tracker
security-tracker.debian.org
6
0.002 Low
EPSS
Percentile
61.2%
Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a “cookie forcing” issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | chromium-browser | < 70.0.3538.110-1~deb9u1 | chromium-browser_70.0.3538.110-1~deb9u1_all.deb |
Related
openvas
openvas
Google Chrome Secure Cookie Security Bypass Vulnerability (Linux)
2011-08-19 00:00:00
Google Chrome Secure Cookie Security Bypass Vulnerability - Linux
2011-08-19 00:00:00
Google Chrome Secure Cookie Security Bypass Vulnerability - Windows
2011-08-19 00:00:00
ubuntucve
ubuntucve
CVE-2008-7294
2011-08-09 00:00:00
cve
cve
CVE-2008-7294
2022-10-03 16:13:53
prion
prion
Design/Logic Flaw
2011-08-09 19:55:00
nvd
nvd
CVE-2008-7294
2011-08-09 19:55:01
cvelist
cvelist
CVE-2008-7294
2022-10-03 16:13:53