Lucene search

[email protected]CVE-2011-3102

HistoryMay 16, 2012 - 12:55 a.m.

CVE-2011-3102

2012-05-1600:55:03

CWE-189

[email protected]

web.nvd.nist.gov

cve

libxml2

google chrome

denial of service

remote attackers

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.5%

JSON

Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

Affected configurations

NVD

Node

googlechromeRange≤19.0.1084.45

Node

appleiphone_osRange≤6.1.4

appleiphone_osMatch1.0.0

appleiphone_osMatch1.0.1

appleiphone_osMatch1.0.2

appleiphone_osMatch1.1.0

appleiphone_osMatch1.1.1

appleiphone_osMatch1.1.2

appleiphone_osMatch1.1.3

appleiphone_osMatch1.1.4

appleiphone_osMatch1.1.5

appleiphone_osMatch2.0

appleiphone_osMatch2.0.0

appleiphone_osMatch2.0.1

appleiphone_osMatch2.0.2

appleiphone_osMatch2.1

appleiphone_osMatch2.1.1

appleiphone_osMatch2.2

appleiphone_osMatch2.2.1

appleiphone_osMatch3.0

appleiphone_osMatch3.0.1

appleiphone_osMatch3.1

appleiphone_osMatch3.1.2

appleiphone_osMatch3.1.3

appleiphone_osMatch3.2

appleiphone_osMatch3.2.1

appleiphone_osMatch3.2.2

appleiphone_osMatch4.0

appleiphone_osMatch4.0.1

appleiphone_osMatch4.0.2

appleiphone_osMatch4.1

appleiphone_osMatch4.2.1

appleiphone_osMatch4.2.5

appleiphone_osMatch4.2.8

appleiphone_osMatch4.3.0

appleiphone_osMatch4.3.1

appleiphone_osMatch4.3.2

appleiphone_osMatch4.3.3

appleiphone_osMatch4.3.5

appleiphone_osMatch5.0

appleiphone_osMatch5.0.1

appleiphone_osMatch5.1

appleiphone_osMatch5.1.1

appleiphone_osMatch6.0

appleiphone_osMatch6.0.1

appleiphone_osMatch6.0.2

appleiphone_osMatch6.1

appleiphone_osMatch6.1.2

appleiphone_osMatch6.1.3

CPENameOperatorVersion
google:chromegoogle chromele19.0.1084.45

CPE	Name	Operator	Version
google:chrome	google chrome	le	19.0.1084.45

References

code.google.com/p/chromium/issues/detail?id=125462

googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

lists.apple.com/archives/security-announce/2013/Oct/msg00009.html

lists.apple.com/archives/security-announce/2013/Sep/msg00006.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html

lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html

rhn.redhat.com/errata/RHSA-2013-0217.html

secunia.com/advisories/49243

secunia.com/advisories/50658

secunia.com/advisories/54886

secunia.com/advisories/55568

support.apple.com/kb/HT5934

support.apple.com/kb/HT6001

www.debian.org/security/2012/dsa-2479

www.mandriva.com/security/advisories?name=MDVSA-2012:098

www.mandriva.com/security/advisories?name=MDVSA-2013:056

www.securityfocus.com/bid/53540

www.securitytracker.com/id?1027067

www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/75607

lists.opensuse.org/opensuse-updates/2012-06/msg00011.html

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.046 Low

EPSS

Percentile

92.5%

JSON

Related for CVE-2011-3102

nessus35 debian1 securityvulns8 openvas39 cvelist1 ubuntu1 prion1 gentoo1 debiancve1 veracode1 ubuntucve1 nvd1 freebsd1 redhat4 amazon1 centos2 oraclelinux3 suse3 fedora2 vmware2 chrome1 threatpost1