CVE-2010-0661

Currently unrated

Key Information:

Vendor: Apple
Status: Webkit; Chrome
Vendor: CVE Published:; 18 February 2010

Summary

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome before 4.0.249.78, allows remote attackers to bypass the Same Origin Policy via vectors involving the window.open method.

References

http://googlechromereleases.blogspot.com/2010/01/stable-c...

x_refsource_CONFIRM

http://secunia.com/advisories/43068

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2011/0212

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Feb 18, 2010
Vulnerability Reserved
Feb 18, 2010