CVSS2
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence: Low
EPSS
Percentile: 71.7%
WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of a __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function.
code.google.com/p/chromium/issues/detail?id=96047
code.google.com/p/chromium/issues/detail?id=96885
code.google.com/p/chromium/issues/detail?id=98053
code.google.com/p/chromium/issues/detail?id=99512
code.google.com/p/chromium/issues/detail?id=99750
googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
secunia.com/advisories/48288
secunia.com/advisories/48377
www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html
www.securitytracker.com/id?1026774
android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef
exchange.xforce.ibmcloud.com/vulnerabilities/70959
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12940