CVE-2010-0643

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2010-0643
Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://securitytracker.com/id?1023583
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html Patch
http://code.google.com/p/chromium/issues/detail?id=12303
http://www.osvdb.org/62315
http://secunia.com/advisories/38545 Vendor Advisory
http://www.securityfocus.com/bid/38177
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs Vendor Advisory
http://www.vupen.com/english/advisories/2010/0361 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56212
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14500
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
Information

Published : 2010-02-18 10:00

Updated : 2017-09-18 18:30

NVD link : CVE-2010-0643

Mitre link : CVE-2010-0643

JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa
Products Affected

google

  • chrome