SecuritySpace - CVE-2009-1413

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

CVE Kennung: CVE-2009-1413

Beschreibung: Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument- injection vulnerability.

Test Kennungen: 1.3.6.1.4.1.25623.1.0.800562

Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2009-1413
http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc
XForce ISS Database: googlechrome-settimeout-xss(50447)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50447

CVE Kennung:	CVE-2009-1413
Beschreibung:	Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context of an arbitrary web site. NOTE: this can be leveraged for a remote attack by exploiting a chromehtml: argument- injection vulnerability.
Test Kennungen:	1.3.6.1.4.1.25623.1.0.800562
Querverweise:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1413 http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc XForce ISS Database: googlechrome-settimeout-xss(50447) https://exchange.xforce.ibmcloud.com/vulnerabilities/50447