CVE-2010-4483

Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
VendorProductVersion
googlechrome
𝑥
≤ 8.0.552.214
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
maverick
Fixed 8.0.552.215~r67652-0ubuntu0.10.10.1
released
lucid
Fixed 8.0.552.215~r67652-0ubuntu0.10.04.1
released
karmic
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=55745
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
http://secunia.com/advisories/42472
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11610
https://technet.microsoft.com/library/security/msvr11-002
http://code.google.com/p/chromium/issues/detail?id=55745
http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
http://secunia.com/advisories/42472
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11610
https://technet.microsoft.com/library/security/msvr11-002