WebKit 'window.open()' method Cross Domain Scripting Vulnerability

Bugtraq ID: 38375
Class: Origin Validation Error
CVE: CVE-2010-0661
Remote: Yes
Local: No
Published: Feb 23 2010 12:00AM
Updated: Sep 14 2010 10:31PM
Credit: Adam Barth
Vulnerable: WebKit Open Source Project WebKit 0
Google Chrome 3.0.195 .33
Google Chrome 3.0.195 .32
Google Chrome 3.0.195 .24
Google Chrome 3.0.195 .21
Google Chrome 2.0.172 .43
Google Chrome 2.0.172 .37
Google Chrome 2.0.172 .33
Google Chrome 2.0.172 .31
Google Chrome 2.0.172 .30
Google Chrome 1.0.154 .61
Google Chrome 3.0 Beta
Google Chrome 1.0.154.65
Google Chrome 1.0.154.64
Google Chrome 1.0.154.59
Google Chrome 1.0.154.55
Google Chrome 1.0.154.53
Google Chrome 1.0.154.48
Google Chrome 1.0.154.46
Google Chrome 1.0.154.36
Flock Flock 3.0.0
Not Vulnerable: WebKit Open Source Project WebKit r52401
Google Chrome 4.0.249 .78
Flock Flock 3.0.0.4094


 

Privacy Statement
Copyright 2010, SecurityFocus