CVE-2010-3417

high

Description

Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension history, which allows attackers to obtain potentially sensitive information via unspecified vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7371

http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html

http://code.google.com/p/chromium/issues/detail?id=54006

Details

Source: Mitre, NVD

Published: 2010-09-16

Updated: 2020-07-31

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

Detections

Analytics