10
CVE-2010-1230
- EPSS 1.42%
- Veröffentlicht 01.04.2010 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.42% | 0.693 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
http://code.google.com/p/chromium/issues/detail?id=30801
http://code.google.com/p/chromium/issues/detail?id=33445
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14292