Vulnerability Description
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | < 4.1.249.1036 |
Related Weaknesses (CWE)
References
- http://code.google.com/p/chromium/issues/detail?id=30801Vendor Advisory
- http://code.google.com/p/chromium/issues/detail?id=33445Vendor Advisory
- http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.htmlThird Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://code.google.com/p/chromium/issues/detail?id=30801Vendor Advisory
- http://code.google.com/p/chromium/issues/detail?id=33445Vendor Advisory
- http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.htmlThird Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
FAQ
What is CVE-2010-1230?
CVE-2010-1230 is a vulnerability with a CVSS score of 10.0 (HIGH). Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and att...
How severe is CVE-2010-1230?
CVE-2010-1230 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1230?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.