CVE-2010-5069

Google Chrome 4 - Information Exposure via CSS :visited Pseudo-Class

Title source: llm
STIX 2.1

Description

The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14253
Exploit x_refsource_misc
http://w2spconf.com/2010/papers/p26.pdf

Scores

EPSS 0.0087
EPSS Percentile 54.5%

Details

CWE
CWE-200
Status published
Products (50)
google/chrome 4.0.212.0
google/chrome 4.0.212.1
google/chrome 4.0.221.8
google/chrome 4.0.222.0
google/chrome 4.0.222.1
google/chrome 4.0.222.5
google/chrome 4.0.222.12
google/chrome 4.0.223.0
google/chrome 4.0.223.1
google/chrome 4.0.223.2
... and 40 more
Published Dec 07, 2011
Tracked Since Feb 18, 2026