4.3

CVE-2009-3264

The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Updatebeta Version <= 3.0.193.2
GoogleChrome Version0.2.149.27
GoogleChrome Version0.2.149.29
GoogleChrome Version0.2.149.30
GoogleChrome Version0.2.152.1
GoogleChrome Version0.2.153.1
GoogleChrome Version0.3.154.0
GoogleChrome Version0.3.154.3
GoogleChrome Version0.4.154.18
GoogleChrome Version0.4.154.22
GoogleChrome Version0.4.154.31
GoogleChrome Version0.4.154.33
GoogleChrome Version1.0.154.36
GoogleChrome Version1.0.154.39
GoogleChrome Version1.0.154.42
GoogleChrome Version1.0.154.43
GoogleChrome Version1.0.154.46
GoogleChrome Version1.0.154.48
GoogleChrome Version1.0.154.52
GoogleChrome Version1.0.154.53
GoogleChrome Version1.0.154.59
GoogleChrome Version1.0.154.65
GoogleChrome Version2.0.156.1
GoogleChrome Version2.0.157.0
GoogleChrome Version2.0.157.2
GoogleChrome Version2.0.158.0
GoogleChrome Version2.0.159.0
GoogleChrome Version2.0.169.0
GoogleChrome Version2.0.169.1
GoogleChrome Version2.0.170.0
GoogleChrome Version2.0.172
GoogleChrome Version2.0.172.2
GoogleChrome Version2.0.172.8
GoogleChrome Version2.0.172.27
GoogleChrome Version2.0.172.28
GoogleChrome Version2.0.172.30
GoogleChrome Version2.0.172.31
GoogleChrome Version2.0.172.33
GoogleChrome Version2.0.172.37
GoogleChrome Version2.0.172.38
GoogleChrome Version3.0.182.2
GoogleChrome Version3.0.190.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.18% 0.36
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N