Lucene search

[email protected]CVE-2011-3054

HistoryMar 22, 2012 - 4:55 p.m.

CVE-2011-3054

2012-03-2216:55:01

CWE-269

[email protected]

web.nvd.nist.gov

google chrome

webui

privilege

vulnerability

cve-2011-3054

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Affected configurations

NVD

Node

googlechromeRange<17.0.963.83

Node

opensuseopensuseMatch12.1

CPENameOperatorVersion
google:chromegoogle chromelt17.0.963.83

CPE	Name	Operator	Version
google:chrome	google chrome	lt	17.0.963.83

References

code.google.com/p/chromium/issues/detail?id=117418

googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html

osvdb.org/80292

secunia.com/advisories/48512

secunia.com/advisories/48527

security.gentoo.org/glsa/glsa-201203-19.xml

www.securityfocus.com/bid/52674

www.securitytracker.com/id?1026841

exchange.xforce.ibmcloud.com/vulnerabilities/74214

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15028

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.2 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

Related for CVE-2011-3054

nvd1 prion1 cvelist1 debiancve1 ubuntucve1 nessus6 chrome1 threatpost1 openvas12 suse1 freebsd1 gentoo1