CVE-2011-3079
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.7%
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| opensuse:opensuse | opensuse | eq | 13.1 |
| opensuse:opensuse | opensuse | eq | 13.2 |
References
code.google.com/p/chromium/issues/detail?id=117627
googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
osvdb.org/81645
rhn.redhat.com/errata/RHSA-2015-1012.html
secunia.com/advisories/48992
www.debian.org/security/2015/dsa-3260
www.mozilla.org/security/announce/2015/mfsa2015-57.html
www.securityfocus.com/bid/53309
www.securitytracker.com/id?1027001
bugzilla.mozilla.org/show_bug.cgi?id=1087565
exchange.xforce.ibmcloud.com/vulnerabilities/75271
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.8 Medium
AI Score
Confidence
High
0.011 Low
EPSS
Percentile
84.7%