CVE-2010-5069
Google Chrome 4 - Information Exposure via CSS :visited Pseudo-Class
Title source: llmDescription
The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14253
Exploit x_refsource_misc
http://w2spconf.com/2010/papers/p26.pdf
Scores
EPSS
0.0087
EPSS Percentile
54.5%
Details
CWE
CWE-200
Status
published
Products (50)
google/chrome
4.0.212.0
google/chrome
4.0.212.1
google/chrome
4.0.221.8
google/chrome
4.0.222.0
google/chrome
4.0.222.1
google/chrome
4.0.222.5
google/chrome
4.0.222.12
google/chrome
4.0.223.0
google/chrome
4.0.223.1
google/chrome
4.0.223.2
... and 40 more
Published
Dec 07, 2011
Tracked Since
Feb 18, 2026