An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-01-20T16:00:00Z
Updated: 2024-09-17T03:59:56.296Z
Reserved: 2009-01-20T00:00:00Z
Link: CVE-2008-5915
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2009-01-20T16:30:00.407
Modified: 2021-11-15T18:40:02.773
Link: CVE-2008-5915
Redhat
No data.