CVE-2010-4483

Published: Dec 7, 2010Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site.

Affected (1)

Products: Google: Chrome

Google

1 product

Chrome

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Up to 8.0.552.214

Related CWEs

CWE-264

References (10)

http://code.google.com/p/chromium/issues/detail?id=55745

Source: cve@mitre.org

http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/42472

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11610

Source: cve@mitre.org

https://technet.microsoft.com/library/security/msvr11-002

Source: cve@mitre.org

http://code.google.com/p/chromium/issues/detail?id=55745