CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
83.6%
Google Chrome before 9.0.597.84 does not properly restrict drag and drop
operations, which might allow remote attackers to bypass the Same Origin
Policy via unspecified vectors.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.04.2 | UNKNOWN |
ubuntu | 10.10 | noarch | chromium-browser | < 14.0.835.202~r103287-0ubuntu0.10.10.1 | UNKNOWN |
ubuntu | 10.04 | noarch | webkit | < 1.2.7-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | webkit | < 1.2.7-0ubuntu0.10.10.1 | UNKNOWN |