CVE-2010-0650

WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://code.google.com/p/chromium/issues/detail?id=3275	Exploit Vendor Advisory
http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List Third Party Advisory
http://secunia.com/advisories/41856	Third Party Advisory
http://secunia.com/advisories/43068	Third Party Advisory
http://securitytracker.com/id?1023506	Third Party Advisory VDB Entry
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	Third Party Advisory
http://www.securityfocus.com/bid/38373	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1006-1	Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722	Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552	Third Party Advisory
https://bugs.webkit.org/show_bug.cgi?id=21501	Permissions Required Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791	Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=3275	Exploit Vendor Advisory
http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html	Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html	Mailing List Third Party Advisory
http://secunia.com/advisories/41856	Third Party Advisory
http://secunia.com/advisories/43068	Third Party Advisory
http://securitytracker.com/id?1023506	Third Party Advisory VDB Entry
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039	Third Party Advisory
http://www.securityfocus.com/bid/38373	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-1006-1	Third Party Advisory
http://www.vupen.com/english/advisories/2010/2722	Third Party Advisory
http://www.vupen.com/english/advisories/2011/0212	Third Party Advisory
http://www.vupen.com/english/advisories/2011/0552	Third Party Advisory
https://bugs.webkit.org/show_bug.cgi?id=21501	Permissions Required Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13791	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:apple:safari:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*

History

21 Nov 2024, 01:12

Information

Published : 2010-02-18 18:00

Updated : 2024-11-21 01:12

NVD link : CVE-2010-0650

Mitre link : CVE-2010-0650

CVE.ORG link : CVE-2010-0650

JSON object : View

Products Affected

apple

safari

google

chrome

canonical

ubuntu_linux

CWE

CWE-264

Permissions, Privileges, and Access Controls

2.6 /10