CVE-2010-0556

by Fred · 18/02/2010

browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element.

Date published : 2010-02-18

http://www.securityfocus.com/bid/38177

http://www.securityfocus.com/archive/1/509543/100/0/threaded

CVE-2010-0556

Similar

Recent Posts

Categories

CVE-2010-0556

Share this:

Similar

Recent Posts

Categories

Tags