Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-3264HistorySep 18, 2009 - 10:30 p.m.
CVE-2009-3264
2009-09-1822:30:00
Debian Security Bug Tracker
security-tracker.debian.org
4
0.002 Low
EPSS
Percentile
55.5%
The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified “access check,” which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user’s visit to a different web server that hosts an SVG document.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | chromium-browser | < 70.0.3538.110-1~deb9u1 | chromium-browser_70.0.3538.110-1~deb9u1_all.deb |
Related
cvelist
cvelist
CVE-2009-3264
2009-09-18 22:00:00
openvas
openvas
Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability
2009-09-23 00:00:00
Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability
2009-09-23 00:00:00
cve
cve
CVE-2009-3264
2009-09-18 22:30:00
prion
prion
Cross site scripting
2009-09-18 22:30:00
nvd
nvd
CVE-2009-3264
2009-09-18 22:30:00
nessus
nessus
Google Chrome < 3.0.195.21 Multiple Vulnerabilities
2009-09-15 00:00:00