CVE-2010-0644
Google Chrome < 4.0.249.89 - Sensitive Information Exposure via SOCKS 5 Proxy DNS Queries
Title source: llmDescription
Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries directly, which allows remote DNS servers to obtain potentially sensitive information about the identity of a client user via request logging, as demonstrated by a proxy server that was configured for the purpose of anonymity.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38177
Issue Tracking x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=29914
Vendor Advisory x_refsource_confirm
http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1023583
Patch, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0361
Patch x_refsource_confirm
http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13926
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38545
Scores
EPSS
0.0086
EPSS Percentile
54.2%
Details
CWE
CWE-200
Status
published
Products (47)
google/chrome
0.2.149.27
google/chrome
0.2.149.29
google/chrome
0.2.149.30
google/chrome
0.2.152.1
google/chrome
0.2.153.1
google/chrome
0.3.154.0
google/chrome
0.3.154.3
google/chrome
0.4.154.18
google/chrome
0.4.154.22
google/chrome
0.4.154.31
... and 37 more
Published
Feb 18, 2010
Tracked Since
Feb 18, 2026