Lucene search

MitreCVE-2011-1298

HistoryNov 06, 2019 - 7:15 p.m.

CVE-2011-1298

2019-11-0619:15:11

CWE-190

mitre

web.nvd.nist.gov

cve-2011-1298

integer overflow

webkit

google chrome

blink m11

macos

webcore

graphicscontext

fillrect

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

49.1%

JSON

An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.

Affected configurations

Nvd

Node

googleblinkRange<m11chromium

AND

applemacosMatch-

VendorProductVersionCPE
googleblink*cpe:2.3:a:google:blink:*:*:*:*:*:chromium:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	blink	*	cpe:2.3:a:google:blink::::::chromium::*
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*

References

trac.webkit.org/changeset/80579

trac.webkit.org/changeset/81431

bugs.chromium.org/p/chromium/issues/detail?id=75155

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

49.1%

JSON

Related for CVE-2011-1298