Vulnerabilities

Google Chrome 2.0.x remote access vulnerability (PC1-2009-1148)

Overview

Vulnerability chart	Risk level Low Medium High Extreme Severe Warning: security vulnerability level = severe 52 vulnerabilities(-y) found between 29 December, 2008 and 1 April, 2010. Google Chrome is a web browser. It is developed by Google and grounded on the... more 1 files found: chrome.exe... more A vulnerability in Google Chrome 2.0.x was identified.
Remote Access Unknown patch availability Patch implementation unknown

References to Advisories, Solutions, and Tools

Description:

This type of vulnerability allows changes to be kept up across a page transition to the global object. It makes it not difficult for attackers to perform Universal XSS attacks through unidentified vectors.

Impact:

With the help of this type of vulnerability, attackers might be able to make changes without any changes.

Solution:

http://code.google.com/p/chromium/issues/detail?id=9860

Impact

CVSS Severity		CVSS Version 2 Metrics:
CVSS v2 Base Score:	4.3 (MEDIUM)	Access Vector:	N/A
Impact Subscore:	2.9	Access Complexity:	Medium
Exploitability Subscore:	8.6	Authentication:	Not required to exploit
		Impact Type:	Allows unauthorized modification