ID de Prueba:	1.3.6.1.4.1.25623.1.0.800561
Categoría:	Web application abuses
Título:	Google Chrome Multiple XSS Vulnerabilities (May 2009)
Resumen:	Google Chrome is prone to multiple XSS vulnerabilities.
Descripción:	Summary: Google Chrome is prone to multiple XSS vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Error in chromeHTML URL protocol handler, that do not satisfy the IsWebSafeScheme restriction via a web page that sets document.location and also that are not constructed with sufficient escaping hence when invoked by Internet Explorer might open multiple tabs for unconstrained protocols such as javascript: or file:. - It may allow malicious URLs to bypass the same-origin policy and obtain sensitive information including authentication credentials. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes and XSS attack in the context of the web browser. Affected Software/OS: Google Chrome versions prior to 1.0.154.59. Solution: Upgrade to Google Chrome version 1.0.154.59. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1412 http://chromium.googlecode.com/issues/attachment?aid=5579180911289877192&name=Google+Chrome+Advisory.doc XForce ISS Database: googlechrome-chromehtml-command-execution(50449) https://exchange.xforce.ibmcloud.com/vulnerabilities/50449 Common Vulnerability Exposure (CVE) ID: CVE-2009-1340
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.