CVE-2010-1230

critical

Description

Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14292

http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html

http://code.google.com/p/chromium/issues/detail?id=33445

http://code.google.com/p/chromium/issues/detail?id=30801

Details

Source: Mitre, NVD

Published: 2010-04-01

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical