Google Chrome Cross-Origin Resource Sharing Security Bypass
SECUNIA ADVISORY ID: SA37358
VERIFY ADVISORY: http://secunia.com/advisories/37358/
DESCRIPTION: A security issue has been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused by Cross-Origin Resource Sharing OPTIONS requests including custom HTTP headers, and can be exploited to facilitate cross-site request forgery attacks.
This is related to vulnerability #3 in: SA37346
The security issue is reported in versions prior to 3.0.195.33.
SOLUTION: Update to version 3.0.195.33.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Apple Security.
ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2009/11/stable-update-fix-google-chrome-not.html
OTHER REFERENCES: SA37346: http://secunia.com/advisories/37346/
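A server-side check for the behaviour described above, as an added example that is not part of the advisory or of Chrome's code: it flags a CORS OPTIONS (preflight) request that carries a header it also names in Access-Control-Request-Headers, and keeps a custom-header CSRF check from being satisfied by an OPTIONS request. The function names, the X-Requested-With header choice and the sample requests are assumptions constructed for illustration.

```javascript
// Added example, not from the advisory. Sample requests below are constructed.

// HTTP header names are case-insensitive, so compare them in lower case.
function lowerKeys(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = v;
  return out;
}

// A CORS preflight is an OPTIONS request with Origin and
// Access-Control-Request-Method headers.
function isPreflight(method, headers) {
  const h = lowerKeys(headers);
  return method.toUpperCase() === 'OPTIONS' &&
    'origin' in h && 'access-control-request-method' in h;
}

// Return the headers a preflight both names in Access-Control-Request-Headers
// and carries itself. A conforming preflight only names them.
function headersCarriedOnPreflight(method, headers) {
  if (!isPreflight(method, headers)) return [];
  const h = lowerKeys(headers);
  const named = (h['access-control-request-headers'] || '')
    .split(',').map(s => s.trim().toLowerCase()).filter(Boolean);
  return named.filter(name => name in h);
}

// Guard for a custom-header CSRF check (the header name is an assumption):
// an OPTIONS request never counts as proof, whatever headers it carries.
function customHeaderCheckPasses(method, headers, required = 'x-requested-with') {
  if (method.toUpperCase() === 'OPTIONS') return false;
  return required in lowerKeys(headers);
}

// Constructed sample requests.
const conforming = {
  Origin: 'https://a.example',
  'Access-Control-Request-Method': 'POST',
  'Access-Control-Request-Headers': 'X-Requested-With',
};
const affected = { ...conforming, 'X-Requested-With': 'XMLHttpRequest' };

console.log(headersCarriedOnPreflight('OPTIONS', conforming)); // []
console.log(headersCarriedOnPreflight('OPTIONS', affected));   // [ 'x-requested-with' ]
```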
