Lucene search

[email protected]CVE-2011-3908

HistoryDec 13, 2011 - 9:55 p.m.

CVE-2011-3908

2011-12-1321:55:01

CWE-125

[email protected]

web.nvd.nist.gov

cve-2011-3908

google chrome

denial of service

out-of-bounds read

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Affected configurations

NVD

Node

googlechromeRange<16.0.912.63

Node

appleitunesRange<10.6

applesafariRange<5.1.4

appleiphone_osRange<5.1

CPENameOperatorVersion
google:chromegoogle chromelt16.0.912.63

CPE	Name	Operator	Version
google:chrome	google chrome	lt	16.0.912.63

References

code.google.com/p/chromium/issues/detail?id=100863

googlechromereleases.blogspot.com/2011/12/stable-channel-update.html

lists.apple.com/archives/security-announce/2012/Mar/msg00000.html

lists.apple.com/archives/security-announce/2012/Mar/msg00001.html

lists.apple.com/archives/security-announce/2012/Mar/msg00003.html

secunia.com/advisories/48274

secunia.com/advisories/48288

secunia.com/advisories/48377

www.securitytracker.com/id?1026774

exchange.xforce.ibmcloud.com/vulnerabilities/73807

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14791

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2011-3908

prion1 cvelist1 nvd1 debiancve1 ubuntucve1 gentoo1 openvas16 nessus13 chrome1 freebsd1 threatpost1 securityvulns3