Lucene search

[email protected]CVE-2011-2825

HistoryAug 29, 2011 - 3:55 p.m.

CVE-2011-2825

2011-08-2915:55:01

CWE-416

[email protected]

web.nvd.nist.gov

cve-2011-2825

use-after-free vulnerability

google chrome

denial of service

custom fonts

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.

Affected configurations

NVD

Node

googlechromeRange<13.0.782.215

Node

appleitunesRange<10.6

applesafariRange<5.1.4

appleiphone_osRange<5.1

CPENameOperatorVersion
google:chromegoogle chromelt13.0.782.215

CPE	Name	Operator	Version
google:chrome	google chrome	lt	13.0.782.215

References

code.google.com/p/chromium/issues/detail?id=88670

googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html

lists.apple.com/archives/security-announce/2012/Mar/msg00000.html

lists.apple.com/archives/security-announce/2012/Mar/msg00001.html

lists.apple.com/archives/security-announce/2012/Mar/msg00003.html

secunia.com/advisories/48274

secunia.com/advisories/48288

secunia.com/advisories/48377

www.securitytracker.com/id?1026774

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14421

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

High

0.092 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2011-2825

ubuntucve1 zdi1 prion1 cvelist1 nvd1 debiancve1 openvas14 nessus9 chrome1 threatpost1 securityvulns3 freebsd1