Test ID:	1.3.6.1.4.1.25623.1.0.900439
Category:	Web application abuses
Title:	Google Chrome Information Disclosure Vulnerability
Summary:	Google Chrome is prone to an information disclosure vulnerability.
Description:	Summary: Google Chrome is prone to an information disclosure vulnerability. Vulnerability Insight: This flaw is due to cross-domain information disclosure vulnerability as the web browser fails to properly enforce the same-origin policy. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes in the context of the web browser and can reveal sensitive information of the remote user through the web browser. Affected Software/OS: Google Chrome version 1.0.154.43 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 2.1 CVSS Vector: AV:N/AC:H/Au:S/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5915 BugTraq ID: 33276 http://www.securityfocus.com/bid/33276 http://arstechnica.com/news.ars/post/20090113-new-method-of-phishmongering-could-fool-experienced-users.html http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212900161 http://www.infoworld.com/article/09/01/13/Browser_bug_could_allow_phishing_without_email_1.html http://www.trusteer.com/files/In-session-phishing-advisory-2.pdf
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.