CVE 2011-1438

Google Chrome before 11.0.696.57 allows remote attackers to bypass the Same Origin Policy via vectors involving blobs.

See the CVE page on Mitre.org for more details.