Vulnerability Description
Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. NOTE: this can be leveraged for Universal XSS by exploiting certain behavior involving persistence across page transitions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 1.0.154.53 | |
| Microsoft | Internet Explorer | 7 |
Related Weaknesses (CWE)
References
- http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=GoExploitVendor Advisory
- http://code.google.com/p/chromium/issues/detail?id=9860Exploit
- http://googlechromereleases.blogspot.com/2009/04/stable-update-security-fix.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50449
- http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=GoExploitVendor Advisory
- http://code.google.com/p/chromium/issues/detail?id=9860Exploit
- http://googlechromereleases.blogspot.com/2009/04/stable-update-security-fix.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50449
FAQ
What is CVE-2009-1412?
CVE-2009-1412 is a vulnerability with a CVSS score of 7.8 (HIGH). Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files,...
How severe is CVE-2009-1412?
CVE-2009-1412 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1412?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Microsoft Internet Explorer.