Vulnerability Description
Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chrome | <= 4.1.249.1058 |
Related Weaknesses (CWE)
References
- http://bugs.chromium.org/40575
- http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.ht
- http://osvdb.org/63997
- http://secunia.com/advisories/39544
- http://www.securityfocus.com/bid/39603
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://bugs.chromium.org/40575
- http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.ht
- http://osvdb.org/63997
- http://secunia.com/advisories/39544
- http://www.securityfocus.com/bid/39603
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2010-1505?
CVE-2010-1505 is a vulnerability with a CVSS score of 10.0 (HIGH). Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.
How severe is CVE-2010-1505?
CVE-2010-1505 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1505?
Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome.