9.3

CVE-2010-0657

Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quoting for the URL in the --app argument in a desktop shortcut, which allows user-assisted remote attackers to execute arbitrary programs or obtain sensitive information by tricking a user into creating a crafted shortcut.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version0.2.149.27
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.2.149.29
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.2.149.30
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.2.152.1
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.2.153.1
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.3.154.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.3.154.3
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.4.154.18
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.4.154.22
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.4.154.31
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version0.4.154.33
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.36
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.39
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.42
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.43
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.46
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.48
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.52
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.53
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.59
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version1.0.154.65
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.156.1
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.157.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.157.2
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.158.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.159.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.169.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.169.1
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.170.0
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.2
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.8
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.27
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.28
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.30
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.31
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.33
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.37
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version2.0.172.38
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.182.2
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.190.2
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.193.2 Updatebeta
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.195.21
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.195.24
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.195.32
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
GoogleChrome Version3.0.195.33
   GoogleChrome Updatebeta Version <= 4.0.249.78
   MicrosoftWindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.89% 0.768
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html
http://securitytracker.com/id?1023506
http://code.google.com/p/chromium/issues/detail?id=23693
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14306