Lucene search

MitreCVE-2010-0660

HistoryFeb 18, 2010 - 6:00 p.m.

CVE-2010-0660

2010-02-1818:00:00

CWE-200

mitre

web.nvd.nist.gov

cve-2010-0660

google chrome

https

http

security vulnerability

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.7

Confidence

Low

EPSS

0.002

Percentile

55.8%

JSON

Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging.

Affected configurations

Nvd

Node

googlechromeRange≤4.0.249.0

googlechromeMatch0.2.149.27

googlechromeMatch0.2.149.29

googlechromeMatch0.2.149.30

googlechromeMatch0.2.152.1

googlechromeMatch0.2.153.1

googlechromeMatch0.3.154.0

googlechromeMatch0.3.154.3

googlechromeMatch0.4.154.18

googlechromeMatch0.4.154.22

googlechromeMatch0.4.154.31

googlechromeMatch0.4.154.33

googlechromeMatch1.0.154.36

googlechromeMatch1.0.154.39

googlechromeMatch1.0.154.42

googlechromeMatch1.0.154.43

googlechromeMatch1.0.154.46

googlechromeMatch1.0.154.48

googlechromeMatch1.0.154.52

googlechromeMatch1.0.154.53

googlechromeMatch1.0.154.59

googlechromeMatch1.0.154.65

googlechromeMatch2.0.156.1

googlechromeMatch2.0.157.0

googlechromeMatch2.0.157.2

googlechromeMatch2.0.158.0

googlechromeMatch2.0.159.0

googlechromeMatch2.0.169.0

googlechromeMatch2.0.169.1

googlechromeMatch2.0.170.0

googlechromeMatch2.0.172

googlechromeMatch2.0.172.2

googlechromeMatch2.0.172.8

googlechromeMatch2.0.172.27

googlechromeMatch2.0.172.28

googlechromeMatch2.0.172.30

googlechromeMatch2.0.172.31

googlechromeMatch2.0.172.33

googlechromeMatch2.0.172.37

googlechromeMatch2.0.172.38

googlechromeMatch3.0.182.2

googlechromeMatch3.0.190.2

googlechromeMatch3.0.193.2beta

googlechromeMatch3.0.195.21

googlechromeMatch3.0.195.24

googlechromeMatch3.0.195.32

googlechromeMatch3.0.195.33

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
googlechrome0.2.149.27cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
googlechrome0.2.149.29cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
googlechrome0.2.149.30cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
googlechrome0.2.152.1cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
googlechrome0.2.153.1cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
googlechrome0.3.154.0cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
googlechrome0.3.154.3cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
googlechrome0.4.154.18cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
googlechrome0.4.154.22cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::
google	chrome	0.2.149.27	cpe:2.3:a:google:chrome:0.2.149.27:::::::*
google	chrome	0.2.149.29	cpe:2.3:a:google:chrome:0.2.149.29:::::::*
google	chrome	0.2.149.30	cpe:2.3:a:google:chrome:0.2.149.30:::::::*
google	chrome	0.2.152.1	cpe:2.3:a:google:chrome:0.2.152.1:::::::*
google	chrome	0.2.153.1	cpe:2.3:a:google:chrome:0.2.153.1:::::::*
google	chrome	0.3.154.0	cpe:2.3:a:google:chrome:0.3.154.0:::::::*
google	chrome	0.3.154.3	cpe:2.3:a:google:chrome:0.3.154.3:::::::*
google	chrome	0.4.154.18	cpe:2.3:a:google:chrome:0.4.154.18:::::::*
google	chrome	0.4.154.22	cpe:2.3:a:google:chrome:0.4.154.22:::::::*