browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog with credentials that were stored by Password Manager for a different web site, which allows user-assisted remote HTTP servers to obtain sensitive information via a URL that requires authentication, as demonstrated by a URL in the SRC attribute of an IMG element.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2010-02-18T17:00:00
Updated: 2024-08-07T00:52:19.702Z
Reserved: 2010-02-05T00:00:00
Link: CVE-2010-0556
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-02-18T17:30:00.583
Modified: 2024-11-21T01:12:26.570
Link: CVE-2010-0556
Redhat
No data.