Strix
26.1K

CVE-2009-3011

UnknownEPSS 0.94%

Last modified

CVE-2009-3011 is a vulnerability of currently unknown severity. Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: the JavaScript executes outside of the context of the HTTP site.. EPSS estimates a 0.94% chance of exploitation in the next 30 days.

Description

Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: the JavaScript executes outside of the context of the HTTP site.

Metrics

EPSS Probability
0.94%

56.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
GoogleChrome<= 1.0.154.48
GoogleChrome0.2.149.27
GoogleChrome0.2.149.29
GoogleChrome0.2.149.30
GoogleChrome0.2.152.1
GoogleChrome0.2.153.1
GoogleChrome0.3.154.0
GoogleChrome0.3.154.3
GoogleChrome0.4.154.18
GoogleChrome0.4.154.22
GoogleChrome0.4.154.31
GoogleChrome0.4.154.33
GoogleChrome1.0.154.36
GoogleChrome1.0.154.39
GoogleChrome1.0.154.42
GoogleChrome1.0.154.43
GoogleChrome1.0.154.46
GoogleChrome2.0.172.28
GoogleChrome2.0.172.37
GoogleChrome3.0.193.2Beta

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-3011?
Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta does not properly block data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header that contains JavaScript sequences in a data:text/html URI or (2) entering a data:text/html URI with JavaScript sequences when specifying the content of a Refresh header. NOTE: the JavaScript executes outside of the context of the HTTP site.
How severe is CVE-2009-3011?
Severity scoring for CVE-2009-3011 is pending analysis. The EPSS model estimates a 0.94% probability of exploitation in the next 30 days.
How do I fix CVE-2009-3011?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-3011?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST