CVE-2010-0660: Infoleak
First published: Thu Feb 18 2010(Updated: )
Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Chrome | <=4.0.249.0 | |
| Google Chrome | =0.2.149.27 | |
| Google Chrome | =0.2.149.29 | |
| Google Chrome | =0.2.149.30 | |
| Google Chrome | =0.2.152.1 | |
| Google Chrome | =0.2.153.1 | |
| Google Chrome | =0.3.154.0 | |
| Google Chrome | =0.3.154.3 | |
| Google Chrome | =0.4.154.18 | |
| Google Chrome | =0.4.154.22 | |
| Google Chrome | =0.4.154.31 | |
| Google Chrome | =0.4.154.33 | |
| Google Chrome | =1.0.154.36 | |
| Google Chrome | =1.0.154.39 | |
| Google Chrome | =1.0.154.42 | |
| Google Chrome | =1.0.154.43 | |
| Google Chrome | =1.0.154.46 | |
| Google Chrome | =1.0.154.48 | |
| Google Chrome | =1.0.154.52 | |
| Google Chrome | =1.0.154.53 | |
| Google Chrome | =1.0.154.59 | |
| Google Chrome | =1.0.154.65 | |
| Google Chrome | =2.0.156.1 | |
| Google Chrome | =2.0.157.0 | |
| Google Chrome | =2.0.157.2 | |
| Google Chrome | =2.0.158.0 | |
| Google Chrome | =2.0.159.0 | |
| Google Chrome | =2.0.169.0 | |
| Google Chrome | =2.0.169.1 | |
| Google Chrome | =2.0.170.0 | |
| Google Chrome | =2.0.172 | |
| Google Chrome | =2.0.172.2 | |
| Google Chrome | =2.0.172.8 | |
| Google Chrome | =2.0.172.27 | |
| Google Chrome | =2.0.172.28 | |
| Google Chrome | =2.0.172.30 | |
| Google Chrome | =2.0.172.31 | |
| Google Chrome | =2.0.172.33 | |
| Google Chrome | =2.0.172.37 | |
| Google Chrome | =2.0.172.38 | |
| Google Chrome | =3.0.182.2 | |
| Google Chrome | =3.0.190.2 | |
| Google Chrome | =3.0.193.2-beta | |
| Google Chrome | =3.0.195.21 | |
| Google Chrome | =3.0.195.24 | |
| Google Chrome | =3.0.195.32 | |
| Google Chrome | =3.0.195.33 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
- http://code.google.com/p/chromium/issues/detail?id=29920
- http://securitytracker.com/id?1023506
- http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247
- agent/description
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/remedy
- agent/references
- agent/tags
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google chrome
- version/google chrome/2.0.172.8
- version/google chrome/0.3.154.3
- version/google chrome/3.0.182.2
- version/google chrome/0.2.149.30
- version/google chrome/0.4.154.31
- version/google chrome/1.0.154.39
- version/google chrome/2.0.172.38
- version/google chrome/1.0.154.59
- version/google chrome/0.2.149.27
- version/google chrome/1.0.154.53
- version/google chrome/0.4.154.33
- version/google chrome/2.0.170.0
- version/google chrome/1.0.154.43
- version/google chrome/1.0.154.42
- version/google chrome/2.0.169.1
- version/google chrome/2.0.172.33
- version/google chrome/3.0.195.24
- version/google chrome/3.0.195.33
- version/google chrome/1.0.154.52
- version/google chrome/2.0.172.27
- version/google chrome/1.0.154.65
- version/google chrome/2.0.157.2
- version/google chrome/0.4.154.18
- version/google chrome/0.2.149.29
- version/google chrome/2.0.157.0
- version/google chrome/0.2.152.1
- version/google chrome/0.3.154.0
- version/google chrome/4.0.249.0
- version/google chrome/0.2.153.1
- version/google chrome/2.0.172.2
- version/google chrome/3.0.195.21
- version/google chrome/2.0.169.0
- version/google chrome/1.0.154.36
- version/google chrome/2.0.172
- version/google chrome/2.0.172.30
- version/google chrome/3.0.193.2-beta
- version/google chrome/2.0.156.1
- version/google chrome/3.0.195.32
- version/google chrome/1.0.154.46
- version/google chrome/3.0.190.2
- version/google chrome/0.4.154.22
- version/google chrome/2.0.159.0
- version/google chrome/2.0.158.0
- version/google chrome/2.0.172.28
- version/google chrome/2.0.172.31
- version/google chrome/1.0.154.48
- version/google chrome/2.0.172.37