CVE-2010-0643: Infoleak

First published: Thu Feb 18 2010(Updated: )

Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured proxy servers are unavailable, which allows remote HTTP servers to obtain potentially sensitive information about the identity of a client user via standard HTTP logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Google Chrome	<=4.0.249.78
Google Chrome	=0.2.149.27
Google Chrome	=0.2.149.29
Google Chrome	=0.2.149.30
Google Chrome	=0.2.152.1
Google Chrome	=0.2.153.1
Google Chrome	=0.3.154.0
Google Chrome	=0.3.154.3
Google Chrome	=0.4.154.18
Google Chrome	=0.4.154.22
Google Chrome	=0.4.154.31
Google Chrome	=0.4.154.33
Google Chrome	=1.0.154.36
Google Chrome	=1.0.154.39
Google Chrome	=1.0.154.42
Google Chrome	=1.0.154.43
Google Chrome	=1.0.154.46
Google Chrome	=1.0.154.48
Google Chrome	=1.0.154.52
Google Chrome	=1.0.154.53
Google Chrome	=1.0.154.59
Google Chrome	=1.0.154.65
Google Chrome	=2.0.156.1
Google Chrome	=2.0.157.0
Google Chrome	=2.0.157.2
Google Chrome	=2.0.158.0
Google Chrome	=2.0.159.0
Google Chrome	=2.0.169.0
Google Chrome	=2.0.169.1
Google Chrome	=2.0.170.0
Google Chrome	=2.0.172
Google Chrome	=2.0.172.2
Google Chrome	=2.0.172.8
Google Chrome	=2.0.172.27
Google Chrome	=2.0.172.28
Google Chrome	=2.0.172.30
Google Chrome	=2.0.172.31
Google Chrome	=2.0.172.33
Google Chrome	=2.0.172.37
Google Chrome	=2.0.172.38
Google Chrome	=3.0.182.2
Google Chrome	=3.0.190.2
Google Chrome	=3.0.193.2-beta
Google Chrome	=3.0.195.21
Google Chrome	=3.0.195.24
Google Chrome	=3.0.195.32
Google Chrome	=3.0.195.33

Remedy

http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html

Never miss a vulnerability like this again

Reference Links

agent/references
agent/description
agent/type
agent/softwarecombine
agent/last-modified-date
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
agent/severity
agent/weakness
agent/remedy
agent/tags
agent/event
agent/author
collector/mitre-cve
source/MITRE
vendor/google
canonical/google chrome
version/google chrome/4.0.249.78
version/google chrome/0.2.149.27
version/google chrome/0.2.149.29
version/google chrome/0.2.149.30
version/google chrome/0.2.152.1
version/google chrome/0.2.153.1
version/google chrome/0.3.154.0
version/google chrome/0.3.154.3
version/google chrome/0.4.154.18
version/google chrome/0.4.154.22
version/google chrome/0.4.154.31
version/google chrome/0.4.154.33
version/google chrome/1.0.154.36
version/google chrome/1.0.154.39
version/google chrome/1.0.154.42
version/google chrome/1.0.154.43
version/google chrome/1.0.154.46
version/google chrome/1.0.154.48
version/google chrome/1.0.154.52
version/google chrome/1.0.154.53
version/google chrome/1.0.154.59
version/google chrome/1.0.154.65
version/google chrome/2.0.156.1
version/google chrome/2.0.157.0
version/google chrome/2.0.157.2
version/google chrome/2.0.158.0
version/google chrome/2.0.159.0
version/google chrome/2.0.169.0
version/google chrome/2.0.169.1
version/google chrome/2.0.170.0
version/google chrome/2.0.172
version/google chrome/2.0.172.2
version/google chrome/2.0.172.8
version/google chrome/2.0.172.27
version/google chrome/2.0.172.28
version/google chrome/2.0.172.30
version/google chrome/2.0.172.31
version/google chrome/2.0.172.33
version/google chrome/2.0.172.37
version/google chrome/2.0.172.38
version/google chrome/3.0.182.2
version/google chrome/3.0.190.2
version/google chrome/3.0.193.2-beta
version/google chrome/3.0.195.21
version/google chrome/3.0.195.24
version/google chrome/3.0.195.32
version/google chrome/3.0.195.33

CVE-2010-0643: Infoleak

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact