CVE-2009-1412
Published Apr 24, 2009
Last updated 3 years ago
Overview
- Description
- Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. NOTE: this can be leveraged for Universal XSS by exploiting certain behavior involving persistence across page transitions.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22A411BE-895D-4D8F-B14B-AAEB3112F9F6",
"versionEndIncluding": "1.0.154.53"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B8FF77A-7802-4963-B532-3F16C7BB012C"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D73576CF-76EE-42A3-9955-D7991384B8C1"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD4A2AB1-6F90-4D0B-A673-C6310514CE63"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66A4FEB5-11D8-4FFC-972D-A3B991176040"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6313614-FC3C-488C-B80B-191797319A56"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CDF3DAB-73C4-48E8-9B0B-DADABF217555"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B2FAE50-4CA3-46F6-B533-C599011A9ED5"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0D94F22-37B6-4938-966A-E1830D83FBC3"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8B7164E-7A4F-4959-9E6D-EF614EDD4C3C"
},
{
"criteria": "cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C0F9D75-B10D-468F-84D8-61B6A1230556"
},
{
"criteria": "cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D2CAE29-3F1E-4374-B82C-B60B7BB4AEAE"
},
{
"criteria": "cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "173D539E-045E-4429-80C9-5749BECC6CD5"
},
{
"criteria": "cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D2052352-FECC-4990-B0F4-A715694AD816"
},
{
"criteria": "cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCBC80CB-4AB8-4EDF-9940-D2D7124D7549"
},
{
"criteria": "cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E37938BB-8368-46D6-A8E4-F99F5CB9B82E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]