CVE-2010-4483

{"id": "CVE-2010-4483", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-12-07T21:00:08.797", "references": [{"url": "http://code.google.com/p/chromium/issues/detail?id=55745", "source": "cve@mitre.org"}, {"url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/42472", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11610", "source": "cve@mitre.org"}, {"url": "https://technet.microsoft.com/library/security/msvr11-002", "source": "cve@mitre.org"}, {"url": "http://code.google.com/p/chromium/issues/detail?id=55745", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/42472", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11610", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://technet.microsoft.com/library/security/msvr11-002", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site."}, {"lang": "es", "value": "Google Chrome antes de v8.0.552.215 no restringe adecuadamente el acceso de lectura a los v\u00eddeos de derivados de elementos CANVAS, lo que permite a atacantes remotos evitar la pol\u00edtica del mismo origen y obtener los datos de video potencialmente sensibles a trav\u00e9s de un sitio web debidamente modificado."}], "lastModified": "2024-11-21T01:21:02.803", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A2F99C7-6964-47B0-9F25-C98788A3254B", "versionEndIncluding": "8.0.552.214"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}