VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 18, 2010· Updated Apr 29, 2026

CVE-2010-0656

CVE-2010-0656

Description

WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibly have unspecified other impact via a crafted local HTML document.

Affected products

49
  • Apple Inc./Webkit
    cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*
    Range: <=r51280
  • Google/Chrome48 versions
    cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*+ 47 more
    • cpe:2.3:a:google:chrome:0.2.149.27:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.149.29:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.149.30:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.152.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.2.153.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.3.154.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.3.154.3:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.18:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.22:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.31:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:0.4.154.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.36:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.39:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.42:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.43:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.46:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.48:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.52:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.53:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.59:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:1.0.154.65:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.156.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.157.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.157.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.158.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.159.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.169.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.169.1:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.170.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.27:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.28:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.30:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.31:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.37:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.38:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:2.0.172.8:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.182.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.190.2:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.193.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.21:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.24:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.32:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:3.0.195.33:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:4.0.244.0:*:*:*:*:*:*:*
    • cpe:2.3:a:google:chrome:*:beta:*:*:*:*:*:*range: <=4.0.249.78

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

19

News mentions

0

No linked articles in our index yet.