CVE-2011-3881

2011-10-2519:55:01

CWE-79

Chrome

web.nvd.nist.gov

cve

2011

3881

webkit

universal xss

chrome

android

same origin policy

domwindow::clear

xss attacks

htmlpluginimageelement

xsltprocessor

scriptcontroller.

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.4

Confidence

Low

EPSS

0.003

Percentile

71.7%

JSON

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an proto property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function.

Affected configurations

Nvd

Node

googlechromeRange<15.0.874.102

Node

googleandroidRange<4.4

Node

applesafariRange<5.1.4

appleiphone_osRange<5.1

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
googleandroid*cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
applesafari*cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
appleiphone_os*cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::
google	android	*	cpe:2.3:o:google:android::::::::
apple	safari	*	cpe:2.3:a:apple:safari::::::::
apple	iphone_os	*	cpe:2.3:o:apple:iphone_os::::::::