Computer Security
[EN] no-pyccku

Google Chrome information leak
SecurityVulns ID:10624
Threat Level:
Description:Password manager allows username/password from external source to be automatically filled.
Affected:GOOGLE : Chrome 3.0
 GOOGLE : Chrome 4.0
CVE:CVE-2010-0556 (browser/login/ in Google Chrome before populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element.)
Original documentdocumentVSR Advisories, Chrome Password Manager Cross Origin Weakness (CVE-2010-0556) (16.02.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod