Lucene search
PRIOn knowledge basePRION:CVE-2009-3264HistorySep 18, 2009 - 10:30 p.m.
Cross site scripting
2009-09-1822:30:00
PRIOn knowledge base
www.prio-n.com
1
The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified “access check,” which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user’s visit to a different web server that hosts an SVG document.
| CPE | Name | Operator | Version |
|---|---|---|---|
| chrome | eq | 2.0.172.8 | |
| chrome | eq | 0.3.154.3 | |
| chrome | eq | 3.0.182.2 | |
| chrome | eq | 0.2.149.30 | |
| chrome | eq | 0.4.154.31 | |
| chrome | le | 3.0.193.2 | |
| chrome | eq | 1.0.154.39 | |
| chrome | eq | 2.0.172.38 | |
| chrome | eq | 1.0.154.59 | |
| chrome | eq | 0.2.149.27 |
Related
cvelist
cvelist
CVE-2009-3264
2009-09-18 22:00:00
openvas
openvas
Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability
2009-09-23 00:00:00
Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability
2009-09-23 00:00:00
debiancve
debiancve
CVE-2009-3264
2009-09-18 22:30:00
cve
cve
CVE-2009-3264
2009-09-18 22:30:00
nvd
nvd
CVE-2009-3264
2009-09-18 22:30:00
nessus
nessus
Google Chrome < 3.0.195.21 Multiple Vulnerabilities
2009-09-15 00:00:00