Main Vulnerability Database Vulnerabilities #VU44473

Permissions, Privileges, and Access Controls in Google Chrome - CVE-2010-5073

Published: December 7, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU44473

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2010-5073

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The JavaScript implementation in Google Chrome 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. NOTE: this may overlap CVE-2010-5070.

How to mitigate CVE-2010-5073

Install update from vendor's website.

Permissions, Privileges, and Access Controls in Google Chrome - CVE-2010-5073

Detailed vulnerability description

How to mitigate CVE-2010-5073

Sources

Please verify you're human