Candidate: CVE-2010-0556
PublicDate: 2010-02-18 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0556
 http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html
Description:
 browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates
 an authentication dialog with credentials that were stored by Password
 Manager for a different web site, which allows user-assisted remote HTTP
 servers to obtain sensitive information via a URL that requires
 authentication, as demonstrated by a URL in the SRC attribute of an IMG
 element.
Ubuntu-Description:
Notes:
 mdeslaur> fixed in r36829
Bugs:
 http://code.google.com/p/chromium/issues/detail?id=32718
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_chromium-browser:
upstream_chromium-browser: needs-triage
dapper_chromium-browser: DNE
hardy_chromium-browser: DNE
intrepid_chromium-browser: DNE
jaunty_chromium-browser: DNE
karmic_chromium-browser: DNE
lucid_chromium-browser: not-affected (5.0.342.9~r43360-0ubuntu2)
devel_chromium-browser: not-affected (5.0.375.38~r46659-0ubuntu1)