CVE Vulnerabilities

CVE-2009-0276

Published: Feb 03, 2009 | Modified: Feb 04, 2009
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame.

Affected Software

Name Vendor Start Version End Version
Chrome Google 0.2.152.1 0.2.152.1
Chrome Google 0.2.153.1 0.2.153.1
Chrome Google 0.3.154.0 0.3.154.0
Chrome Google 0.3.154.3 0.3.154.3
Chrome Google 0.4.154.18 0.4.154.18
Chrome Google 0.4.154.22 0.4.154.22
Chrome Google 0.4.154.31 0.4.154.31
Chrome Google 0.4.154.33 0.4.154.33
Chrome Google 1.0.154.36 1.0.154.36
Chrome Google 1.0.154.39 1.0.154.39
Chrome Google 1.0.154.42 1.0.154.42
Chrome Google * 1.0.154.43

References