Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome browser versions 8.0.552.210 and earlier; Opera browser versions 10.62 and earlier; and Safari browser versions 4.1.2 and earlier, Safari browser versions 5.0.2 and earlier, and Safari browser on iOS 4.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the respective affected vendors, Google Inc., Opera Software ASA, and Apple Inc. Google Inc., Opera Software ASA, and Apple Inc. have remediated the vulnerability in their respective software.
An information disclosure vulnerability exists in the implementation of HTML5 in these Web browsers. Specifically, as the World Wide Web Consortium (W3C) describes in the HTML5 specification for security with canvas elements, information leakage can occur if scripts from one origin can access information from another origin. For more information, see HTML5: A vocabulary and associated APIs for HTML and XHTML, “Security with canvas elements.” An attacker who successfully exploited this vulnerability could obtain private information. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but the attacker could use the information gained to try to further compromise the affected system.
Microsoft Vulnerability Research reported this issue to and coordinated with Google Inc., Opera Software ASA, and Apple Inc. to ensure remediation of this issue. The vulnerability in Google Chrome has been assigned the entry, CVE-2010-4483, in the Common Vulnerabilities and Exposures list. For more information, including information about updates from Google, see Google Chrome Releases: Stable, Beta Channel Updates (December 2, 2010). The vulnerability in Opera has been assigned the entry, CVE-2010-4046, in the Common Vulnerabilities and Exposures list. For more information, including information about updates from Opera Software ASA, see Advisory: Private video streams can be intercepted. The vulnerability in Safari has been assigned the entry, CVE-2010-3259, in the Common Vulnerabilities and Exposures list. For more information, including information about updates from Apple, see Apple Security Updates.