Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2011-AVI-528
Vulnerability from certfr_avis - Published: 2011-09-20 - Updated: 2011-09-20
De multiples vulnérabilités permettant une exécution de code arbitraire à distance ont été corrigées dans Google Chrome.
Description
De multiples vulnérabilités ont été corrigées dans la nouvelle version de Google Chrome. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Chrome versions antérieures à 14.0.835.163.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eGoogle Chrome versions ant\u00e9rieures \u00e0 14.0.835.163.\u003c/p\u003e",
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans la nouvelle version\nde Google Chrome. Leur exploitation permet, entre autres, l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2838",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2838"
},
{
"name": "CVE-2011-2860",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2860"
},
{
"name": "CVE-2011-2841",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2841"
},
{
"name": "CVE-2011-2855",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2855"
},
{
"name": "CVE-2011-2847",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2847"
},
{
"name": "CVE-2011-2840",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2840"
},
{
"name": "CVE-2011-2846",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2846"
},
{
"name": "CVE-2011-2851",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2851"
},
{
"name": "CVE-2011-2843",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2843"
},
{
"name": "CVE-2011-2862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2862"
},
{
"name": "CVE-2011-2844",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2844"
},
{
"name": "CVE-2011-2864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2864"
},
{
"name": "CVE-2011-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
},
{
"name": "CVE-2011-2850",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2850"
},
{
"name": "CVE-2011-2852",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2852"
},
{
"name": "CVE-2011-2839",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2839"
},
{
"name": "CVE-2011-2853",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2853"
},
{
"name": "CVE-2011-2857",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2857"
},
{
"name": "CVE-2011-2861",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2861"
},
{
"name": "CVE-2011-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2875"
},
{
"name": "CVE-2011-3234",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3234"
},
{
"name": "CVE-2011-2835",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2835"
},
{
"name": "CVE-2011-2854",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2854"
},
{
"name": "CVE-2011-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2842"
},
{
"name": "CVE-2011-2837",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2837"
},
{
"name": "CVE-2011-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2874"
},
{
"name": "CVE-2011-2859",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2859"
},
{
"name": "CVE-2011-2849",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2849"
},
{
"name": "CVE-2011-2848",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2848"
},
{
"name": "CVE-2011-2858",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2858"
},
{
"name": "CVE-2011-2856",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2856"
},
{
"name": "CVE-2011-2836",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2836"
}
],
"initial_release_date": "2011-09-20T00:00:00",
"last_revision_date": "2011-09-20T00:00:00",
"links": [
{
"title": "Note de version Google Chrome 2011/09/stable-channel-update_16.html du 16 septembre 2011 :",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
}
],
"reference": "CERTA-2011-AVI-528",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s permettant une ex\u00e9cution de code arbitraire\n\u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es dans Google Chrome.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Notes de versions de Google Chrome du 16 septembre 2011",
"url": null
}
]
}
CVE-2011-2855 (GCVE-0-2011-2855)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://osvdb.org/75557 | vdb-entryx_refsource_OSVDB |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.securitytracker.com/id?1026774 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/48377 | third-party-advisoryx_refsource_SECUNIA |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://secunia.com/advisories/48274 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://secunia.com/advisories/48288 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.201Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75557",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75557"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=92959"
},
{
"name": "chrome-stylesheet-code-execution(69882)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69882"
},
{
"name": "oval:org.mitre.oval:def:14485",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14485"
},
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale node.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "75557",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75557"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=92959"
},
{
"name": "chrome-stylesheet-code-execution(69882)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69882"
},
{
"name": "oval:org.mitre.oval:def:14485",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14485"
},
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale node.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75557",
"refsource": "OSVDB",
"url": "http://osvdb.org/75557"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=92959",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=92959"
},
{
"name": "chrome-stylesheet-code-execution(69882)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69882"
},
{
"name": "oval:org.mitre.oval:def:14485",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14485"
},
{
"name": "1026774",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48377"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2855",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2856 (GCVE-0-2011-2856)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/75558 | vdb-entryx_refsource_OSVDB |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75558",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75558"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93416"
},
{
"name": "chrome-v8-sec-bypass(69883)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69883"
},
{
"name": "oval:org.mitre.oval:def:14262",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14262"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "75558",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75558"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93416"
},
{
"name": "chrome-v8-sec-bypass(69883)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69883"
},
{
"name": "oval:org.mitre.oval:def:14262",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14262"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75558",
"refsource": "OSVDB",
"url": "http://osvdb.org/75558"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93416",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93416"
},
{
"name": "chrome-v8-sec-bypass(69883)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69883"
},
{
"name": "oval:org.mitre.oval:def:14262",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14262"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2856",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2857 (GCVE-0-2011-2857)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1026774 | vdb-entryx_refsource_SECTRACK |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| http://secunia.com/advisories/48377 | third-party-advisoryx_refsource_SECUNIA |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://osvdb.org/75559 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://secunia.com/advisories/48274 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://secunia.com/advisories/48288 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93420"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75559",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75559"
},
{
"name": "chrome-focus-controller-code-execution(69884)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69884"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:14593",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14593"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93420"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75559",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75559"
},
{
"name": "chrome-focus-controller-code-execution(69884)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69884"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:14593",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14593"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1026774",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93420",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93420"
},
{
"name": "48377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48377"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75559",
"refsource": "OSVDB",
"url": "http://osvdb.org/75559"
},
{
"name": "chrome-focus-controller-code-execution(69884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69884"
},
{
"name": "APPLE-SA-2012-03-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48274"
},
{
"name": "APPLE-SA-2012-03-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "oval:org.mitre.oval:def:14593",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14593"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2857",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2858 (GCVE-0-2011-2858)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://osvdb.org/75566 | vdb-entryx_refsource_OSVDB |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95625"
},
{
"name": "chrome-triangle-code-execution(69891)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69891"
},
{
"name": "oval:org.mitre.oval:def:14592",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14592"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75566",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95625"
},
{
"name": "chrome-triangle-code-execution(69891)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69891"
},
{
"name": "oval:org.mitre.oval:def:14592",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14592"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75566",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2858",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/chromium/issues/detail?id=95625",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=95625"
},
{
"name": "chrome-triangle-code-execution(69891)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69891"
},
{
"name": "oval:org.mitre.oval:def:14592",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14592"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75566",
"refsource": "OSVDB",
"url": "http://osvdb.org/75566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2858",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2859 (GCVE-0-2011-2859)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/75561 | vdb-entryx_refsource_OSVDB |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.420Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "chrome-nongallery-priv-escalation(69886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69886"
},
{
"name": "75561",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75561"
},
{
"name": "oval:org.mitre.oval:def:14594",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "chrome-nongallery-priv-escalation(69886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69886"
},
{
"name": "75561",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75561"
},
{
"name": "oval:org.mitre.oval:def:14594",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93497"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 uses incorrect permissions for non-gallery pages, which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "chrome-nongallery-priv-escalation(69886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69886"
},
{
"name": "75561",
"refsource": "OSVDB",
"url": "http://osvdb.org/75561"
},
{
"name": "oval:org.mitre.oval:def:14594",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14594"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93497",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93497"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2859",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2860 (GCVE-0-2011-2860)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/75562 | vdb-entryx_refsource_OSVDB |
| http://www.securitytracker.com/id?1026774 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/48377 | third-party-advisoryx_refsource_SECUNIA |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://secunia.com/advisories/48274 | third-party-advisoryx_refsource_SECUNIA |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://secunia.com/advisories/48288 | third-party-advisoryx_refsource_SECUNIA |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "chrome-table-style-code-exec(69887)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69887"
},
{
"name": "75562",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75562"
},
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93587"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "oval:org.mitre.oval:def:14499",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14499"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "chrome-table-style-code-exec(69887)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69887"
},
{
"name": "75562",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75562"
},
{
"name": "1026774",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93587"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48274"
},
{
"name": "oval:org.mitre.oval:def:14499",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14499"
},
{
"name": "APPLE-SA-2012-03-07-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "chrome-table-style-code-exec(69887)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69887"
},
{
"name": "75562",
"refsource": "OSVDB",
"url": "http://osvdb.org/75562"
},
{
"name": "1026774",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026774"
},
{
"name": "48377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48377"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93587",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93587"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "APPLE-SA-2012-03-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
},
{
"name": "48274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48274"
},
{
"name": "oval:org.mitre.oval:def:14499",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14499"
},
{
"name": "APPLE-SA-2012-03-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2860",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2861 (GCVE-0-2011-2861)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://osvdb.org/75563 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14677"
},
{
"name": "75563",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75563"
},
{
"name": "chrome-string-code-execution(69888)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69888"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93596"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14677",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14677"
},
{
"name": "75563",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75563"
},
{
"name": "chrome-string-code-execution(69888)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69888"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93596"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14677",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14677"
},
{
"name": "75563",
"refsource": "OSVDB",
"url": "http://osvdb.org/75563"
},
{
"name": "chrome-string-code-execution(69888)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69888"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93596",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93596"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2861",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2862 (GCVE-0-2011-2862)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://osvdb.org/75564 | vdb-entryx_refsource_OSVDB |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14431",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14431"
},
{
"name": "chrome-v8-builtin-sec-bypass(69889)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69889"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93906"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14431",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14431"
},
{
"name": "chrome-v8-builtin-sec-bypass(69889)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69889"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=93906"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75564",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google V8, as used in Google Chrome before 14.0.835.163, does not properly restrict access to built-in objects, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:14431",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14431"
},
{
"name": "chrome-v8-builtin-sec-bypass(69889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69889"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=93906",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=93906"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "75564",
"refsource": "OSVDB",
"url": "http://osvdb.org/75564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2862",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2864 (GCVE-0-2011-2864)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| http://osvdb.org/75565 | vdb-entryx_refsource_OSVDB |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.487Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14296"
},
{
"name": "chrome-tibetan-code-execution(69890)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69890"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95563"
},
{
"name": "75565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75565"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "oval:org.mitre.oval:def:14296",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14296"
},
{
"name": "chrome-tibetan-code-execution(69890)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69890"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95563"
},
{
"name": "75565",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75565"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 does not properly handle Tibetan characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:14296",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14296"
},
{
"name": "chrome-tibetan-code-execution(69890)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69890"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=95563",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=95563"
},
{
"name": "75565",
"refsource": "OSVDB",
"url": "http://osvdb.org/75565"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2864",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2874 (GCVE-0-2011-2874)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:15
VLAI
EPSS
VEX
Summary
Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://osvdb.org/75567 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://code.google.com/p/chromium/issues/detail?i… | x_refsource_CONFIRM |
| http://googlechromereleases.blogspot.com/2011/09/… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2011-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:15:31.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75567",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/75567"
},
{
"name": "chrome-cert-code-execution(69892)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69892"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95917"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14454",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14454"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"name": "75567",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/75567"
},
{
"name": "chrome-cert-code-execution(69892)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69892"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://code.google.com/p/chromium/issues/detail?id=95917"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14454",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14454"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75567",
"refsource": "OSVDB",
"url": "http://osvdb.org/75567"
},
{
"name": "chrome-cert-code-execution(69892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69892"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=95917",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=95917"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html"
},
{
"name": "oval:org.mitre.oval:def:14454",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14454"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2011-2874",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-07-20T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:15:31.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…