Google Chrome prior 4.0.263.0 DocumentThreadableLoader.cpp cross-site request forgery
![Google](/logos/google.jpg)
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.7 | $0-$5k | 0.00 |
A vulnerability classified as problematic has been found in Google Chrome (Web Browser). Affected is an unknown code of the file loader/DocumentThreadableLoader.cpp. The manipulation with an unknown input leads to a cross-site request forgery vulnerability. CWE is classifying the issue as CWE-352. The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in WebKit before r57041, as used in Google Chrome before 4.1.249.1059, allows remote attackers to hijack the authentication of unspecified victims via a crafted synchronous preflight XMLHttpRequest operation.
The weakness was presented 04/21/2010 by Meder Kydyraliev (SkyLined) (Website). The advisory is shared for download at bugs.webkit.org. This vulnerability is traded as CVE-2010-1767 since 05/06/2010. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Successful exploitation requires user interaction by the victim. There are known technical details, but no exploit is available.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 47751 (FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (19419b3b-92bd-11df-b140-0015f2db7bde)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family FreeBSD Local Security Checks.
Upgrading to version 4.0.263.0 eliminates this vulnerability. The upgrade is hosted for download at chrome.google.com.
The vulnerability is also documented in the databases at Tenable (47751), SecurityFocus (BID 39603†), OSVDB (64002†), Secunia (SA39544†) and Vulnerability Center (SBV-27287†).
Product
Type
Vendor
Name
Version
- 0.2.149.27
- 0.2.149.29
- 0.2.149.30
- 0.2.152.1
- 0.2.153.1
- 0.3.154.0
- 0.3.154.3
- 0.4.154.18
- 0.4.154.22
- 0.4.154.31
- 0.4.154.33
- 0.9.126.0
- 0.10.156.20
- 0.10.156.50
- 1.0.154.36
- 1.0.154.39
- 1.0.154.42
- 1.0.154.43
- 1.0.154.46
- 1.0.154.48
- 1.0.154.52
- 1.0.154.53
- 1.0.154.59
- 1.0.154.65
- 1.2.0
- 1.2.3
- 2.0.0
- 2.0.156.1
- 2.0.157.0
- 2.0.157.2
- 2.0.158.0
- 2.0.159.0
- 2.0.169.0
- 2.0.169.1
- 2.0.170.0
- 2.0.172
- 2.0.172.2
- 2.0.172.8
- 2.0.172.27
- 2.0.172.28
- 2.0.172.30
- 2.0.172.31
- 2.0.172.33
- 2.0.172.37
- 2.0.172.38
- 2.9.5
- 3.0.182.2
- 3.0.190.2
- 3.0.193.2
- 3.22.24.16
- 3.24.12
- 3.42
- 3.43
- 4.0.249.0
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.3VulDB Meta Temp Score: 5.7
VulDB Base Score: 6.3
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Cross-site request forgeryCWE: CWE-352 / CWE-862 / CWE-863
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 47751
Nessus Name: FreeBSD : webkit-gtk2 -- Multiple vulnerabilities (19419b3b-92bd-11df-b140-0015f2db7bde)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 67711
OpenVAS Name: FreeBSD Ports: webkit-gtk2
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Chrome 4.0.263.0
Timeline
04/20/2010 🔍04/20/2010 🔍
04/21/2010 🔍
04/21/2010 🔍
05/06/2010 🔍
09/24/2010 🔍
09/27/2010 🔍
03/19/2015 🔍
09/25/2021 🔍
Sources
Vendor: google.comProduct: google.com
Advisory: USN-1006-1
Researcher: Meder Kydyraliev (SkyLined)
Status: Not defined
Confirmation: 🔍
CVE: CVE-2010-1767 (🔍)
OVAL: 🔍
SecurityFocus: 39603 - RETIRED: Google Chrome prior to 4.1.249.1059 Multiple Security Vulnerabilities
Secunia: 39544
OSVDB: 64002 - Google Chrome WebKit WebCore loader/DocumentThreadableLoader.cpp XMLHttpRequest Operation CSRF
Vulnerability Center: 27287 - WebKit Before r57041 in Google Chrome Before 4.1.249.1059 Cross Site Request Forgery Vulnerability, Medium
Vupen: ADV-2010-2722
Entry
Created: 03/19/2015 14:37Updated: 09/25/2021 13:40
Changes: 03/19/2015 14:37 (70), 08/23/2017 18:15 (8), 09/25/2021 13:35 (3), 09/25/2021 13:40 (1)
Complete: 🔍
Cache ID: 18:9ED:103
No comments yet. Languages: en.
Please log in to comment.