Lucene search
Ubuntu.comUB:CVE-2010-0661HistoryFeb 18, 2010 - 12:00 a.m.
CVE-2010-0661
2010-02-1800:00:00
ubuntu.com
ubuntu.com
12
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.5%
WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401,
as used in Google Chrome before 4.0.249.78, allows remote attackers to
bypass the Same Origin Policy via vectors involving the window.open method.
Bugs
- <https://bugs.webkit.org/show_bug.cgi?id=32647>
- <http://code.google.com/p/chromium/issues/detail?id=30660>
Notes
| Author | Note |
|---|---|
| jdstrand | qt4-x11 unmaintained upstream (see README.webkit for details) webkit is a fork of khtml from kdelibs. kdelibs5 is farther from it, while qt4-x11 attempts to unify khtml and webkit. |
| mdeslaur | webkitkde is a wrapper around qt4-x11’s webkit. code not present in gtk webkit |
Related
prion
prion
Buffer overflow
2010-02-18 18:00:00
debiancve
debiancve
CVE-2010-0661
2010-02-18 18:00:00
securityvulns
securityvulns
[FLOCK-SA-2010-04] Flock Browser: window.open() Method Javascript Same-Origin Policy Violation (XSS)
2010-09-17 00:00:00
Flock browser crossite scripting
2010-09-17 00:00:00
cve
cve
CVE-2010-0661
2010-02-18 18:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities - (Windows)
2010-02-22 00:00:00
Google Chrome Multiple Vulnerabilities - Windows
2010-02-22 00:00:00
nessus
nessus
Google Chrome < 4.0.249.78 Multiple Vulnerabilities
2010-01-26 00:00:00
openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
2014-06-13 00:00:00
openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
2011-05-05 00:00:00
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.5%
Related for UB:CVE-2010-0661