CVE-2010-3115

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
googlechrome
𝑥
< 5.0.375.127
webkitgtkwebkitgtk
𝑥
< 1.2.6
canonicalubuntu_linux
9.10
canonicalubuntu_linux
10.04
canonicalubuntu_linux
10.10
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
natty
not-affected
maverick
not-affected
lucid
Fixed 6.0.472.53~r57914-0ubuntu0.10.04.1
released
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
webkit
natty
not-affected
maverick
Fixed 1.2.5-0ubuntu0.10.10.1
released
lucid
Fixed 1.2.5-0ubuntu0.10.04.1
released
karmic
Fixed 1.2.5-0ubuntu0.9.10.1
released
jaunty
ignored
hardy
ignored
dapper
dne
References
http://code.google.com/p/chromium/issues/detail?id=49964
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
http://secunia.com/advisories/41856
http://secunia.com/advisories/43086
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://www.securityfocus.com/bid/44203
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0216
http://www.vupen.com/english/advisories/2011/0552
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11953
http://code.google.com/p/chromium/issues/detail?id=49964
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
http://secunia.com/advisories/41856
http://secunia.com/advisories/43086
http://www.mandriva.com/security/advisories?name=MDVSA-2011:039
http://www.redhat.com/support/errata/RHSA-2011-0177.html
http://www.securityfocus.com/bid/44203
http://www.ubuntu.com/usn/USN-1006-1
http://www.vupen.com/english/advisories/2010/2722
http://www.vupen.com/english/advisories/2011/0216
http://www.vupen.com/english/advisories/2011/0552
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11953