Lucene search
MitreCVE-2009-0276HistoryOct 03, 2022 - 4:24 p.m.
CVE-2009-0276
2022-10-0316:24:11
mitre
web.nvd.nist.gov
38
cve-2009-0276
cross-domain vulnerability
v8 javascript engine
google chrome
same origin policy
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.9%
Cross-domain vulnerability in the V8 JavaScript engine in Google Chrome before 1.0.154.46 allows remote attackers to bypass the Same Origin Policy via a crafted script that accesses another frame and reads its full URL and possibly other sensitive information, or modifies the URL of this frame.
Affected configurations
Node
googlechromeRange≤1.0.154.43
ORgooglechromeMatch0.2.152.1
ORgooglechromeMatch0.2.153.1
ORgooglechromeMatch0.3.154.0
ORgooglechromeMatch0.3.154.3
ORgooglechromeMatch0.4.154.18
ORgooglechromeMatch0.4.154.22
ORgooglechromeMatch0.4.154.31
ORgooglechromeMatch0.4.154.33
ORgooglechromeMatch1.0.154.36
ORgooglechromeMatch1.0.154.39
ORgooglechromeMatch1.0.154.42
| Vendor | Product | Version | CPE |
|---|---|---|---|
| chrome | 0.4.154.22 | cpe:/a:google:chrome:0.4.154.22::: | |
| chrome | 0.4.154.33 | cpe:/a:google:chrome:0.4.154.33::: | |
| chrome | 0.3.154.3 | cpe:/a:google:chrome:0.3.154.3::: | |
| chrome | 0.3.154.0 | cpe:/a:google:chrome:0.3.154.0::: | |
| chrome | 1.0.154.39 | cpe:/a:google:chrome:1.0.154.39::: | |
| chrome | 0.2.153.1 | cpe:/a:google:chrome:0.2.153.1::: | |
| chrome | 0.4.154.18 | cpe:/a:google:chrome:0.4.154.18::: | |
| chrome | 0.2.152.1 | cpe:/a:google:chrome:0.2.152.1::: | |
| chrome | 0.4.154.31 | cpe:/a:google:chrome:0.4.154.31::: | |
| chrome | cpe:/a:google:chrome:::: |
Related
debiancve
debiancve
CVE-2009-0276
2009-02-03 19:30:00
nvd
nvd
CVE-2009-0276
2009-02-03 19:30:00
cvelist
cvelist
CVE-2009-0276
2022-10-03 16:24:11
prion
prion
Cross site scripting
2009-02-03 19:30:00
openvas
openvas
Google Chrome Multiple Vulnerabilities (Feb-09)
2009-02-05 00:00:00
Google Chrome Multiple Vulnerabilities (Feb 2009)
2009-02-05 00:00:00
chrome
chrome
Stable, Beta update: Yahoo! Mail and Security Fixes
2009-01-28 00:00:00
nessus
nessus
Google Chrome < 1.0.154.46 Multiple Vulnerabilities
2009-02-02 00:00:00
Google Chrome < 1.0.154.46 Multiple Vulnerabilities
2009-01-31 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.9%
Related for CVE-2009-0276