Vulnerabilities > CVE-2010-3256 - Unspecified vulnerability in Google Chrome
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN google
nessus
Summary
Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors.
Vulnerable Configurations
Nessus
NASL family | Windows |
NASL id | GOOGLE_CHROME_6_0_472_53.NASL |
description | The version of Google Chrome installed on the remote host is earlier than 6.0.472.53. It therefore is reportedly affected by multiple vulnerabilities : - It is possible to bypass the pop-up blocker with a blank frame target . (Issue #34414) - It is possible to visually spoof the URL bar with homographic sequences. (Issue #37201) - Restrictions on setting clipboard content are not strict enough. (Issue #41654) - A stale pointer exists with SVG filters. (Issue #45659) - It may be possible to enumerate installed extensions. (Issue #45876) - An unspecified vulnerability in WebSockets could lead to a browser NULL crash. (Issue #46750, #51846) - A use-after-free error exists in the Notifications presenter. (Issue #50386) - An unspecified memory corruption issue exists in Notification permissions. (Issue #50839) - Multiple unspecified integer errors exist in WebSockets. (Issue #51360, #51739) - A memory corruption issue exists with counter nodes. (Issue #51653) - Chrome may store an excessive amount of autocomplete entries. (Issue #51727) - A stale pointer exists in focus handling. (Issue #52443) - A Sandbox parameter deserialization error exists. (Issue #52682) - An unspecified cross-origin image theft issue exists. (Issue #53001) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 49089 |
published | 2010-09-02 |
reporter | This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/49089 |
title | Google Chrome < 6.0.472.53 Multiple Vulnerabilities |
code |
|
Oval
accepted | 2013-08-12T04:00:50.199-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors. | ||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12027 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2010-09-12T17:30:00.000-05:00 | ||||||||||||||||||||||||
title | Google Chrome Stored Autocomplete Entry Quantity Limitation Weakness Unspecified Issue | ||||||||||||||||||||||||
version | 51 |
References
- http://code.google.com/p/chromium/issues/detail?id=51727
- http://code.google.com/p/chromium/issues/detail?id=51727
- http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
- http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12027
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12027