WebKit contains a flaw in the 'DocumentThreadableLoader::preflightFailure' function [WebCore/loader/DocumentThreadableLoader.cpp] that allows a Cross-site Request Forgery (CSRF / XSRF) attack. The flaw exists because the application allows bypassing the XDC check on synchronous preflighted requests. With a specially crafted web page, a context-dependent attacker can perform actions on another site in the trust relationship of the target user and site.

It has been reported that this issue has been fixed. Upgrade to version 1.2.3, or higher, to address this vulnerability.

Upgrade to Google Chrome version 4.1.249.1059 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

• CVE ID: 2010-1501 (see also: NVD) 2010-1767 (see also: NVD)
• Secunia Advisory ID: 39544 41011 41461 41856 43068
• Bugtraq ID: 39603
• Related OSVDB ID: 63996 63997 63998 63999 64000 64001
• Vendor Specific News/Changelog Entry: http://code.google.com/p/chromium/issues/detail?id=39698
  http://gitorious.org/webkitgtk/stable/blobs/master/WebKit/gtk/NEWS [ Link is 404 ]
  http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html
  http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047699.html
  http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00003.html
  http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
  https://bugs.webkit.org/show_bug.cgi?id=36843 [ Auth Req'd ]
• Vendor Specific Solution URL: http://trac.webkit.org/changeset/57041
• Vendor Specific Advisory URL: http://www.ubuntu.com/usn/usn-1006-1

• Meder Kydyraliev - Google Security Team