WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2010-02-18 18:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-0661
Mitre link : CVE-2010-0661
CVE.ORG link : CVE-2010-0661
JSON object : View
Products Affected
- chrome
apple
- webkit
CWE
CWE-264
Permissions, Privileges, and Access Controls