Vulnerability Details : CVE-2010-1231
Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, which allows remote attackers to have an unspecified impact via crafted headers.
Products affected by CVE-2010-1231
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.0.244.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.0.249.78:beta:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1010:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1011:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1018:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1019:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1026:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1027:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1028:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1001:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1004:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1012:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1013:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1006:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1007:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1014:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1015:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1022:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1023:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1031:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1032:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.0.249.89:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1020:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1021:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1029:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1030:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.0.249.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.0.249.78:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1008:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1009:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1016:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1017:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1024:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1025:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1033:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1.249.1034:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:4.1:beta:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-1231
0.52%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 64 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-1231
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2010-1231
-
http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
Chrome Releases: Stable Channel Update
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14332
Repository / Oval Repository
-
http://code.google.com/p/chromium/issues/detail?id=33572
33572 - Security: "Harmful websites" are allowed to initiate downloads without user intervention. - chromium - Monorail
Jump to