Skip to main content

CVE-2008-5915

Severity Low
Score 2.1/10

Summary

An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

  • HIGH
  • NETWORK
  • SINGLE
  • PARTIAL
  • NONE
  • NONE

References

Advisory Timeline

  • Published