CVE-2011-1190
Google Chrome < 10.0.648.127 - Same Origin Policy Bypass via Web Workers Error Message Leak
Title source: llmDescription
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."
References (10)
Core 10
Core References
Exploit, Issue Tracking, Patch, Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=70336
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46785
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65954
Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT4999
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT4808
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14398
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0628
Scores
EPSS
0.0190
EPSS Percentile
77.2%
Details
CWE
CWE-200
Status
published
Products (3)
apple/iphone_os
< 5.0
apple/safari
< 5.0.6
google/chrome
< 10.0.648.127
Published
Mar 11, 2011
Tracked Since
Feb 18, 2026