NA
CVSSv3

CVE-2010-0656

CVSSv4: NA | CVSSv3: NA | CVSSv2: 4.3 | VMScore: 530 | EPSS: 0.00482 | KEV: Not Included
Published: 18/02/2010 Updated: 21/11/2024

Vulnerability Summary

WebKit before r51295, as used in Google Chrome prior to 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows malicious users to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document.

Vulnerable Product Search on Vulmon Subscribe to Product

apple webkit

google chrome

google chrome 0.2.149.27

google chrome 0.2.149.29

google chrome 0.2.149.30

google chrome 0.2.152.1

google chrome 0.2.153.1

google chrome 0.3.154.0

google chrome 0.3.154.3

google chrome 0.4.154.18

google chrome 0.4.154.22

google chrome 0.4.154.31

google chrome 0.4.154.33

google chrome 1.0.154.36

google chrome 1.0.154.39

google chrome 1.0.154.42

google chrome 1.0.154.43

google chrome 1.0.154.46

google chrome 1.0.154.48

google chrome 1.0.154.52

google chrome 1.0.154.53

google chrome 1.0.154.59

google chrome 1.0.154.65

google chrome 2.0.156.1

google chrome 2.0.157.0

google chrome 2.0.157.2

google chrome 2.0.158.0

google chrome 2.0.159.0

google chrome 2.0.169.0

google chrome 2.0.169.1

google chrome 2.0.170.0

google chrome 2.0.172

google chrome 2.0.172.2

google chrome 2.0.172.8

google chrome 2.0.172.27

google chrome 2.0.172.28

google chrome 2.0.172.30

google chrome 2.0.172.31

google chrome 2.0.172.33

google chrome 2.0.172.37

google chrome 2.0.172.38

google chrome 3.0.182.2

google chrome 3.0.190.2

google chrome 3.0.193.2

google chrome 3.0.195.21

google chrome 3.0.195.24

google chrome 3.0.195.32

google chrome 3.0.195.33

google chrome 4.0.244.0

References

CWE-200https://nvd.nist.govhttps://www.first.org/epsshttp://code.google.com/p/chromium/issues/detail?id=20450http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/41856http://secunia.com/advisories/43068http://securitytracker.com/id?1023506http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugshttp://trac.webkit.org/changeset/51295http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.securityfocus.com/bid/38372http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://bugs.webkit.org/show_bug.cgi?id=31329https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501http://code.google.com/p/chromium/issues/detail?id=20450http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlhttp://secunia.com/advisories/41856http://secunia.com/advisories/43068http://securitytracker.com/id?1023506http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugshttp://trac.webkit.org/changeset/51295http://www.mandriva.com/security/advisories?name=MDVSA-2011:039http://www.securityfocus.com/bid/38372http://www.ubuntu.com/usn/USN-1006-1http://www.vupen.com/english/advisories/2010/2722http://www.vupen.com/english/advisories/2011/0212http://www.vupen.com/english/advisories/2011/0552https://bugs.webkit.org/show_bug.cgi?id=31329https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14501