CVE-2010-3118

The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
googlechrome
𝑥
< 5.0.375.127
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
lucid
Fixed 6.0.472.53~r57914-0ubuntu0.10.04.1
released
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=51146
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11839
http://code.google.com/p/chromium/issues/detail?id=51146
http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11839