10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.1%
The extension subsystem in Google Chrome before 17.0.963.78 does not
properly handle history navigation, which allows remote attackers to
execute arbitrary code by leveraging a “Universal XSS (UXSS)” issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | chromium-browser | < 17.0.963.78~r125577 | UNKNOWN |
ubuntu | 11.04 | noarch | chromium-browser | < 17.0.963.78~r125577 | UNKNOWN |
ubuntu | 11.10 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 12.10 | noarch | chromium-browser | < 3.0.1271.97-0ubuntu0.12.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | webkit | < 1.8.1-0ubuntu0.12.04.1 | UNKNOWN |