3 matches found
Google Chrome Multilpe XSS Vulnerabilities (May 09)
The host is installed with Google Chrome and is prone to multiple XSS vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultxssvulnmay09.nasl 4869 2016-12-29 11:01:45Z teissa $ Google Chrome Multilpe XSS Vulnerabilities May 09 Authors: Nikita MR Copyright: Copyright c 2009 Greenbone...
CVE-2009-1412
Google Chrome before 1.0.154.59 is affected by CVE-2009-1412 via the chromehtml: protocol handler. A web page could set document.location to a chromehtml: value and, when launched from Internet Explorer, allow enumeration of local files and opening tabs for non‑IsWebSafe URLs, enabling potential ...
Stable Update: Security Fix
Edit 24 April: Removed "Such an attack only works if Chrome is not already running." Google Chrome's Stable channel has been updated to 1.0.154.59 to fix a security issue: CVE-2009-1412 ChromeHTML protocol handler same-origin bypass An error in handling URLs with a chromehtml: protocol could allo...