Google Chrome 'chrome://downloads' Cross Domain Scripting Vulnerability
|
Bugtraq ID:
|
39669
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2010-1504
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Apr 23 2010 12:00AM
|
|
Updated:
|
Apr 23 2010 12:00AM
|
|
Credit:
|
Robert Swiecki and Tavis Ormandy of Google Security Team.
|
|
Vulnerable:
|
Google Chrome 4.1.249 1036
Google Chrome 4.1.249 .1045
Google Chrome 4.1.249 .1042
Google Chrome 4.0.249 .89
Google Chrome 4.0.249 .78
|
|
|
|
Not Vulnerable:
|
Google Chrome 4.1.249 1059
|
|
