Mageni Mageni Security LLC

Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2010-0556

CVE information

Published

13 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Share

Description

browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element..

CVSSv2.0 Score

Severity
Medium
Base Score
4.3/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
None
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
  Yes
- -

References