The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
References
Configurations
History
21 Nov 2024, 01:25
Type | Values Removed | Values Added |
---|---|---|
References | () http://code.google.com/p/chromium/issues/detail?id=70336 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | () http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html - Vendor Advisory | |
References | () http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html - Mailing List, Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html - Mailing List, Third Party Advisory | |
References | () http://support.apple.com/kb/HT4808 - Third Party Advisory | |
References | () http://support.apple.com/kb/HT4999 - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/46785 - Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2011/0628 - Permissions Required | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/65954 - Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14398 - Third Party Advisory |
Information
Published : 2011-03-11 02:01
Updated : 2024-11-21 01:25
NVD link : CVE-2011-1190
Mitre link : CVE-2011-1190
CVE.ORG link : CVE-2011-1190
JSON object : View
Products Affected
apple
- safari
- iphone_os
- chrome
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor