Description
Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=30801
Third Party Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2010/03/stable-channel-update.html
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14292
Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=33445
Scores
EPSS
0.0142
EPSS Percentile
69.6%
Details
CWE
CWE-200
Status
published
Products (1)
google/chrome
< 4.1.249.1036
Published
Apr 01, 2010
Tracked Since
Feb 18, 2026