SecuritySpace - CVE-2009-3264

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-3264

Description: The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document.

Test IDs: 1.3.6.1.4.1.25623.1.0.900860

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-3264
BugTraq ID: 36416
http://www.securityfocus.com/bid/36416
http://osvdb.org/58193
http://secunia.com/advisories/36770

CVE ID:	CVE-2009-3264
Description:	The getSVGDocument method in Google Chrome before 3.0.195.21 omits an unspecified "access check," which allows remote web servers to bypass the Same Origin Policy and conduct cross-site scripting attacks via unknown vectors, related to a user's visit to a different web server that hosts an SVG document.
Test IDs:	1.3.6.1.4.1.25623.1.0.900860
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3264 BugTraq ID: 36416 http://www.securityfocus.com/bid/36416 http://osvdb.org/58193 http://secunia.com/advisories/36770