NVD Vulnerability Detail

CVE-2010-5069

Summary	The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264.
Publication Date	Dec. 8, 2011, 4:55 a.m.
Registration Date	Jan. 29, 2021, 11:10 a.m.
Last Update	Nov. 21, 2024, 10:22 a.m.

CVSS2.0 : MEDIUM
Score	4.3
Vector	AV:N/AC:M/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	はい

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:google:chrome:4.0.267.0:::::::*
cpe:2.3:a:google:chrome:4.0.248.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.5:::::::*
cpe:2.3:a:google:chrome:4.0.249.46:::::::*
cpe:2.3:a:google:chrome:4.1.249.1017:::::::*
cpe:2.3:a:google:chrome:4.1.249.1041:::::::*
cpe:2.3:a:google:chrome:4.0.249.74:::::::*
cpe:2.3:a:google:chrome:4.0.249.69:::::::*
cpe:2.3:a:google:chrome:4.0.249.25:::::::*
cpe:2.3:a:google:chrome:4.0.222.5:::::::*
cpe:2.3:a:google:chrome:4.0.249.53:::::::*
cpe:2.3:a:google:chrome:4.1.249.1001:::::::*
cpe:2.3:a:google:chrome:4.0.249.40:::::::*
cpe:2.3:a:google:chrome:4.0.256.0:::::::*
cpe:2.3:a:google:chrome:4.0.245.0:::::::*
cpe:2.3:a:google:chrome:4.0.259.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.14:::::::*
cpe:2.3:a:google:chrome:4.1.249.1039:::::::*
cpe:2.3:a:google:chrome:4.1.249.1011:::::::*
cpe:2.3:a:google:chrome:4.0.249.12:::::::*
cpe:2.3:a:google:chrome:4.1.249.1022:::::::*
cpe:2.3:a:google:chrome:4.0.249.1:::::::*
cpe:2.3:a:google:chrome:4.1.249.1027:::::::*
cpe:2.3:a:google:chrome:4.0.249.10:::::::*
cpe:2.3:a:google:chrome:4.0.251.0:::::::*
cpe:2.3:a:google:chrome:4.0.255.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.20:::::::*
cpe:2.3:a:google:chrome:4.0.287.0:::::::*
cpe:2.3:a:google:chrome:4.0.302.2:::::::*
cpe:2.3:a:google:chrome:4.0.275.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1008:::::::*
cpe:2.3:a:google:chrome:4.0.249.52:::::::*
cpe:2.3:a:google:chrome:4.0.249.11:::::::*
cpe:2.3:a:google:chrome:4.0.249.35:::::::*
cpe:2.3:a:google:chrome:4.0.295.0:::::::*
cpe:2.3:a:google:chrome:4.0.229.1:::::::*
cpe:2.3:a:google:chrome:4.0.249.39:::::::*
cpe:2.3:a:google:chrome:4.0.266.0:::::::*
cpe:2.3:a:google:chrome:4.0.212.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.21:::::::*
cpe:2.3:a:google:chrome:4.0.237.1:::::::*
cpe:2.3:a:google:chrome:4.0.247.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1019:::::::*
cpe:2.3:a:google:chrome:4.0.223.5:::::::*
cpe:2.3:a:google:chrome:4.0.257.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1042:::::::*
cpe:2.3:a:google:chrome:4.1.249.1012:::::::*
cpe:2.3:a:google:chrome:4.1.249.1006:::::::*
cpe:2.3:a:google:chrome:4.0.261.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.34:::::::*
cpe:2.3:a:google:chrome:4.0.237.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1063:::::::*
cpe:2.3:a:google:chrome:4.0.249.38:::::::*
cpe:2.3:a:google:chrome:4.1.249.1014:::::::*
cpe:2.3:a:google:chrome:4.0.301.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.36:::::::*
cpe:2.3:a:google:chrome:4.0.254.0:::::::*
cpe:2.3:a:google:chrome:4.0.243.0:::::::*
cpe:2.3:a:google:chrome:4.0.223.8:::::::*
cpe:2.3:a:google:chrome:4.1.249.1028:::::::*
cpe:2.3:a:google:chrome:4.1.249.1007:::::::*
cpe:2.3:a:google:chrome:4.0.302.3:::::::*
cpe:2.3:a:google:chrome:4.0.249.65:::::::*
cpe:2.3:a:google:chrome:4.1:beta::::::
cpe:2.3:a:google:chrome:4.0.249.55:::::::*
cpe:2.3:a:google:chrome:4.0.222.0:::::::*
cpe:2.3:a:google:chrome:4.0.250.2:::::::*
cpe:2.3:a:google:chrome:4.0.239.0:::::::*
cpe:2.3:a:google:chrome:4.0.300.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1059:::::::*
cpe:2.3:a:google:chrome:4.1.249.1045:::::::*
cpe:2.3:a:google:chrome:4.0.249.45:::::::*
cpe:2.3:a:google:chrome:4.1.249.1009:::::::*
cpe:2.3:a:google:chrome:4.1.249.1043:::::::*
cpe:2.3:a:google:chrome:4.1.249.1036:::::::*
cpe:2.3:a:google:chrome:4.1.249.1018:::::::*
cpe:2.3:a:google:chrome:4.0.288.0:::::::*
cpe:2.3:a:google:chrome:4.0.264.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.80:::::::*
cpe:2.3:a:google:chrome:4.0.290.0:::::::*
cpe:2.3:a:google:chrome:4.0.240.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1038:::::::*
cpe:2.3:a:google:chrome:4.1.249.1034:::::::*
cpe:2.3:a:google:chrome:4.0.236.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.29:::::::*
cpe:2.3:a:google:chrome:4.1.249.1058:::::::*
cpe:2.3:a:google:chrome:4.0.278.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.62:::::::*
cpe:2.3:a:google:chrome:4.1.249.0:::::::*
cpe:2.3:a:google:chrome:4.0.265.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.31:::::::*
cpe:2.3:a:google:chrome:4.0.245.1:::::::*
cpe:2.3:a:google:chrome:4.1.249.1029:::::::*
cpe:2.3:a:google:chrome:4.0.223.0:::::::*
cpe:2.3:a:google:chrome:4.0.263.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1051:::::::*
cpe:2.3:a:google:chrome:4.0.249.75:::::::*
cpe:2.3:a:google:chrome:4.0.249.4:::::::*
cpe:2.3:a:google:chrome:4.0.242.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.44:::::::*
cpe:2.3:a:google:chrome:4.0.249.9:::::::*
cpe:2.3:a:google:chrome:4.0.249.50:::::::*
cpe:2.3:a:google:chrome:4.1.249.1048:::::::*
cpe:2.3:a:google:chrome:4.0.249.43:::::::*
cpe:2.3:a:google:chrome:4.0.249.16:::::::*
cpe:2.3:a:google:chrome:4.0.275.1:::::::*
cpe:2.3:a:google:chrome:4.0.249.72:::::::*
cpe:2.3:a:google:chrome:4.0.249.18:::::::*
cpe:2.3:a:google:chrome:4.0.249.28:::::::*
cpe:2.3:a:google:chrome:4.0.249.33:::::::*
cpe:2.3:a:google:chrome:4.0.249.58:::::::*
cpe:2.3:a:google:chrome:4.0.302.0:::::::*
cpe:2.3:a:google:chrome:4.0.299.0:::::::*
cpe:2.3:a:google:chrome:4.0.223.1:::::::*
cpe:2.3:a:google:chrome:4.1.249.1025:::::::*
cpe:2.3:a:google:chrome:4.1.249.1010:::::::*
cpe:2.3:a:google:chrome:4.0.249.49:::::::*
cpe:2.3:a:google:chrome:4.0.249.66:::::::*
cpe:2.3:a:google:chrome:4.0.249.59:::::::*
cpe:2.3:a:google:chrome:4.1.249.1057:::::::*
cpe:2.3:a:google:chrome:4.0.249.68:::::::*
cpe:2.3:a:google:chrome:4.1.249.1050:::::::*
cpe:2.3:a:google:chrome:4.1.249.1053:::::::*
cpe:2.3:a:google:chrome:4.1.249.1026:::::::*
cpe:2.3:a:google:chrome:4.0.249.23:::::::*
cpe:2.3:a:google:chrome:4.1.249.1024:::::::*
cpe:2.3:a:google:chrome:4.0.249.63:::::::*
cpe:2.3:a:google:chrome:4.1.249.1031:::::::*
cpe:2.3:a:google:chrome:4.0.222.12:::::::*
cpe:2.3:a:google:chrome:4.0.250.0:::::::*
cpe:2.3:a:google:chrome:4.0.223.2:::::::*
cpe:2.3:a:google:chrome:4.0.305.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1032:::::::*
cpe:2.3:a:google:chrome:4.0.249.60:::::::*
cpe:2.3:a:google:chrome:4.0.292.0:::::::*
cpe:2.3:a:google:chrome:4.0.269.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1004:::::::*
cpe:2.3:a:google:chrome:4.0.249.78:::::::*
cpe:2.3:a:google:chrome:4.0.249.6:::::::*
cpe:2.3:a:google:chrome:4.1.249.1044:::::::*
cpe:2.3:a:google:chrome:4.1.249.1064:::::::*
cpe:2.3:a:google:chrome:4.0.260.0:::::::*
cpe:2.3:a:google:chrome:4.0.304.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.81:::::::*
cpe:2.3:a:google:chrome:4.0.249.76:::::::*
cpe:2.3:a:google:chrome:4.0.212.1:::::::*
cpe:2.3:a:google:chrome:4.0.272.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1047:::::::*
cpe:2.3:a:google:chrome:4.0.249.7:::::::*
cpe:2.3:a:google:chrome:4.0.241.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.32:::::::*
cpe:2.3:a:google:chrome:4.0.249.8:::::::*
cpe:2.3:a:google:chrome:4.0.249.48:::::::*
cpe:2.3:a:google:chrome:4.1.249.1052:::::::*
cpe:2.3:a:google:chrome:4.0.244.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1060:::::::*
cpe:2.3:a:google:chrome:4.0.223.7:::::::*
cpe:2.3:a:google:chrome:4.1.249.1056:::::::*
cpe:2.3:a:google:chrome:4.1.249.1033:::::::*
cpe:2.3:a:google:chrome:4.0.252.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.82:::::::*
cpe:2.3:a:google:chrome:4.0.249.26:::::::*
cpe:2.3:a:google:chrome:4.0.249.70:::::::*
cpe:2.3:a:google:chrome:4.0.294.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.71:::::::*
cpe:2.3:a:google:chrome:4.0.249.54:::::::*
cpe:2.3:a:google:chrome:4.1.249.1030:::::::*
cpe:2.3:a:google:chrome:4.0.249.37:::::::*
cpe:2.3:a:google:chrome:4.0.223.9:::::::*
cpe:2.3:a:google:chrome:4.0.249.22:::::::*
cpe:2.3:a:google:chrome:4.0.246.0:::::::*
cpe:2.3:a:google:chrome:4.1.249.1016:::::::*
cpe:2.3:a:google:chrome:4.0.224.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.57:::::::*
cpe:2.3:a:google:chrome:4.1.249.1055:::::::*
cpe:2.3:a:google:chrome:4.1.249.1046:::::::*
cpe:2.3:a:google:chrome:4.0.249.89:::::::*
cpe:2.3:a:google:chrome:4.0.271.0:::::::*
cpe:2.3:a:google:chrome:4.0.268.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.41:::::::*
cpe:2.3:a:google:chrome:4.0.249.2:::::::*
cpe:2.3:a:google:chrome:4.0.235.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.30:::::::*
cpe:2.3:a:google:chrome:4.0.289.0:::::::*
cpe:2.3:a:google:chrome:4.0.296.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.47:::::::*
cpe:2.3:a:google:chrome:4.1.249.1023:::::::*
cpe:2.3:a:google:chrome:4.0.249.73:::::::*
cpe:2.3:a:google:chrome:4.1.249.1037:::::::*
cpe:2.3:a:google:chrome:4.0.258.0:::::::*
cpe:2.3:a:google:chrome:4.0.223.4:::::::*
cpe:2.3:a:google:chrome:4.0.249.17:::::::*
cpe:2.3:a:google:chrome:4.1.249.1062:::::::*
cpe:2.3:a:google:chrome:4.0.249.61:::::::*
cpe:2.3:a:google:chrome:4.0.277.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.64:::::::*
cpe:2.3:a:google:chrome:4.1.249.1049:::::::*
cpe:2.3:a:google:chrome:4.0.249.77:::::::*
cpe:2.3:a:google:chrome:4.0.286.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.42:::::::*
cpe:2.3:a:google:chrome:4.1.249.1035:::::::*
cpe:2.3:a:google:chrome:4.0.249.3:::::::*
cpe:2.3:a:google:chrome:4.0.262.0:::::::*
cpe:2.3:a:google:chrome:4.0.249.19:::::::*
cpe:2.3:a:google:chrome:4.0.249.24:::::::*
cpe:2.3:a:google:chrome:4.0.249.56:::::::*
cpe:2.3:a:google:chrome:4.1.249.1040:::::::*
cpe:2.3:a:google:chrome:4.0.249.27:::::::*
cpe:2.3:a:google:chrome:4.1.249.1061:::::::*
cpe:2.3:a:google:chrome:4.0.249.78:beta::::::
cpe:2.3:a:google:chrome:4.0.302.1:::::::*
cpe:2.3:a:google:chrome:4.0.221.8:::::::*
cpe:2.3:a:google:chrome:4.0.288.1:::::::*
cpe:2.3:a:google:chrome:4.0.249.67:::::::*
cpe:2.3:a:google:chrome:4.1.249.1021:::::::*
cpe:2.3:a:google:chrome:4.0.249.51:::::::*
cpe:2.3:a:google:chrome:4.1.249.1015:::::::*
cpe:2.3:a:google:chrome:4.1.249.1054:::::::*
cpe:2.3:a:google:chrome:4.0.276.0:::::::*
cpe:2.3:a:google:chrome:4.0.222.1:::::::*
cpe:2.3:a:google:chrome:4.1.249.1013:::::::*
cpe:2.3:a:google:chrome:4.1.249.1020:::::::*
cpe:2.3:a:google:chrome:4.0.249.79:::::::*
cpe:2.3:a:google:chrome:4.0.303.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://w2spconf.com/2010/papers/p26.pdf	Exploit
2	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14253
3	http://w2spconf.com/2010/papers/p26.pdf	Exploit
4	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14253

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-200	情報漏えい	https://cwe.mitre.org/data/definitions/200.html

JVN Vulnerability Information

Google Chrome の Cascading Style Sheets 実装における重要な情報を取得される脆弱性

Title	Google Chrome の Cascading Style Sheets 実装における重要な情報を取得される脆弱性
Summary	Google Chrome の Cascading Style Sheets (CSS) 実装は、:visited pseudo-class を適切に処理しないため、訪問履歴のある Web ページについての重要な情報を取得される脆弱性が存在します。なお、本問題は CVE-2010-2264 と重複する可能性があります。
Possible impacts	第三者により、巧妙に細工された HTML ドキュメントを介して、訪問履歴のある Web ページについての重要な情報を取得される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Dec. 7, 2011, midnight
Registration Date	Dec. 12, 2011, 4:16 p.m.
Last Update	Dec. 12, 2011, 4:16 p.m.

Affected System

Google

Google Chrome 4

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-5069	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5069
National Vulnerability Database (NVD)
2	CVE-2010-5069	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5069

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-200	https://jvndb.jvn.jp/ja/cwe/CWE-200.html

ベンダー情報

No	Name	URL
Google
1	Google Chrome	http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja

Change Log

No	Changed Details	Date of change
0	[2011年12月12日] 掲載	Feb. 17, 2018, 10:37 a.m.