ID de Prueba:	1.3.6.1.4.1.25623.1.0.900860
Categoría:	Web application abuses
Título:	Google Chrome 'getSVGDocument' Cross-Site Scripting Vulnerability
Resumen:	Google Chrome is prone to a cross-site scripting (XSS) vulnerability.
Descripción:	Summary: Google Chrome is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: Error exists when 'getSVGDocument' method omits an unspecified access check which can be exploited by remote web servers to bypass the Same Origin Policy and conduct XSS attacks via unknown vectors. Vulnerability Impact: Successful exploitation will allow remote attackers to conduct XSS attacks on the victim's system via SVG document. Affected Software/OS: Google Chrome version prior to 3.0.195.21 on Windows. Solution: Upgrade to Google Chrom version 3.0.195.21 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3264 BugTraq ID: 36416 http://www.securityfocus.com/bid/36416 http://osvdb.org/58193 http://secunia.com/advisories/36770
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.