Author Topic: Google Chrome 4 flagged as insecure by Secunia  (Read 2294 times)

0 Members and 1 Guest are viewing this topic.

Hermite15

  • Guest
Google Chrome 4 flagged as insecure by Secunia
« on: January 28, 2010, 03:14:05 PM »
http://secunia.com/advisories/38061/
secunia was removed from startup on my system (had an issue with Seven taskbar and Secunia), so I just run a scan...

Quote
Description:
Cesar Cerrudo has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to the application following redirects for stylesheets and allowing to read the target URL. This can be exploited on sites that use redirects to URLs containing potentially sensitive information e.g. within the query string.

This is related to vulnerability #8 in:
SA28758

The vulnerability is confirmed in version 3.0.195.38 and 4.0.249.78. Other versions may also be affected.

reported here:
http://www.google.com/support/forum/p/Chrome/thread?tid=77f535a7536e6278&hl=en
« Last Edit: January 28, 2010, 03:27:26 PM by Logos »