Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2009-1412

Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that sets document.location to a chromehtml: value, as demonstrated by use of a (1) javascript: or (2) data: URL. NOTE: this can be leveraged for Universal XSS by exploiting certain behavior involving persistence across page transitions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.9%
CVSS Severity
CVSS v2 Score 7.8
Products affected by CVE-2009-1412
  • Google » Chrome » Version: N/A
    cpe:2.3:a:google:chrome:-
  • Google » Chrome » Version: 0.1.38.1
    cpe:2.3:a:google:chrome:0.1.38.1
  • Google » Chrome » Version: 0.1.38.2
    cpe:2.3:a:google:chrome:0.1.38.2
  • Google » Chrome » Version: 0.1.38.4
    cpe:2.3:a:google:chrome:0.1.38.4
  • Google » Chrome » Version: 0.1.40.1
    cpe:2.3:a:google:chrome:0.1.40.1
  • Google » Chrome » Version: 0.1.42.2
    cpe:2.3:a:google:chrome:0.1.42.2
  • Google » Chrome » Version: 0.1.42.3
    cpe:2.3:a:google:chrome:0.1.42.3
  • Google » Chrome » Version: 0.2.149.27
    cpe:2.3:a:google:chrome:0.2.149.27
  • Google » Chrome » Version: 0.2.149.29
    cpe:2.3:a:google:chrome:0.2.149.29
  • Google » Chrome » Version: 0.2.149.30
    cpe:2.3:a:google:chrome:0.2.149.30
  • Google » Chrome » Version: 0.2.152.1
    cpe:2.3:a:google:chrome:0.2.152.1
  • Google » Chrome » Version: 0.2.153.1
    cpe:2.3:a:google:chrome:0.2.153.1
  • Google » Chrome » Version: 0.3.154.0
    cpe:2.3:a:google:chrome:0.3.154.0
  • Google » Chrome » Version: 0.3.154.3
    cpe:2.3:a:google:chrome:0.3.154.3
  • Google » Chrome » Version: 0.4.154.18
    cpe:2.3:a:google:chrome:0.4.154.18
  • Google » Chrome » Version: 0.4.154.22
    cpe:2.3:a:google:chrome:0.4.154.22
  • Google » Chrome » Version: 0.4.154.31
    cpe:2.3:a:google:chrome:0.4.154.31
  • Google » Chrome » Version: 0.4.154.33
    cpe:2.3:a:google:chrome:0.4.154.33
  • Google » Chrome » Version: 1.0.154.36
    cpe:2.3:a:google:chrome:1.0.154.36
  • Google » Chrome » Version: 1.0.154.39
    cpe:2.3:a:google:chrome:1.0.154.39
  • Google » Chrome » Version: 1.0.154.42
    cpe:2.3:a:google:chrome:1.0.154.42
  • Google » Chrome » Version: 1.0.154.43
    cpe:2.3:a:google:chrome:1.0.154.43
  • Google » Chrome » Version: 1.0.154.46
    cpe:2.3:a:google:chrome:1.0.154.46
  • Google » Chrome » Version: 1.0.154.48
    cpe:2.3:a:google:chrome:1.0.154.48
  • Google » Chrome » Version: 1.0.154.52
    cpe:2.3:a:google:chrome:1.0.154.52
  • Google » Chrome » Version: 1.0.154.53
    cpe:2.3:a:google:chrome:1.0.154.53
  • Microsoft » Internet Explorer » Version: 7
    cpe:2.3:a:microsoft:internet_explorer:7


Products
Pricing
Contact Us

Shodan ® - All rights reserved