Lucene search

[email protected]CVE-2011-3098

HistoryMay 16, 2012 - 12:55 a.m.

CVE-2011-3098

2012-05-1600:55:03

CWE-264

[email protected]

web.nvd.nist.gov

google chrome

windows

cve-2011-3098

nvd

security vulnerability

privilege escalation

search path

windows media player

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.

Affected configurations

NVD

Node

opensuseopensuseMatch12.1

Node

googlechromeRange≤19.0.1084.45

AND

microsoftwindows

CPENameOperatorVersion
opensuse:opensuseopensuseeq12.1

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	12.1

References

code.google.com/p/chromium/issues/detail?id=124216

googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html

lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html

www.securityfocus.com/bid/53540

www.securitytracker.com/id?1027067

exchange.xforce.ibmcloud.com/vulnerabilities/75603

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15618

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2011-3098

prion1 debiancve1 msvr1 cvelist1 nvd1 ubuntucve1 suse2 openvas6 nessus5 chrome1 threatpost1