Details of VAR-201102-0159

ID

VAR-201102-0159

CVE

CVE-2011-0782

TITLE

Google Chrome Service disruption in ( Application crash ) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-002852

DESCRIPTION

Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors. Google Chrome is prone to multiple vulnerabilities. Attackers may exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks are also possible. Chrome versions prior to 9.0.597.84 are vulnerable. Google Chrome is a web browser developed by Google (Google)

Trust: 1.98

sources: NVD: CVE-2011-0782 // JVNDB: JVNDB-2011-002852 // BID: 46144 // VULHUB: VHN-48727

AFFECTED PRODUCTS

vendor:	google	model:	chrome	scope:	lt	version:	9.0.597.84	Trust: 1.8
vendor:	google	model:	chrome	scope:	eq	version:	6.0.472.59	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.478.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	9.0.597.66	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.460.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.459.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.458.2	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.477.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.486.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.485.0	Trust: 0.6
vendor:	google	model:	chrome	scope:	eq	version:	6.0.472.60	Trust: 0.6
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.5	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	webkit	model:	open source project webkit r77705	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52833	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52401	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r51295	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r38566	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.x	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2-1	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.10	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.10	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.10	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.10	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.3
vendor:	srware	model:	iron	scope:	eq	version:	8.0.555.1	Trust: 0.3
vendor:	srware	model:	iron	scope:	eq	version:	8.0.555.0	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.3	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.310	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.309	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.308	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.307	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.306	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.305	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.304	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.303	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.302	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.301	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.300	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.237	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.226	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.225	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.224	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.223	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.222	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.221	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.220	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.219	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.218	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.217	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.216	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.215	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.214	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.213	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.212	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.211	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.210	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.21	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.209	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.208	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.207	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.206	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.205	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.204	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.203	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.202	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.201	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.200	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.20	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.2	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.19	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.18	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.17	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.16	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.15	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.14	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.13	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.12	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.11	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.105	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.104	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.103	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.102	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.101	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.100	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.10	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.552.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.551.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.550.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	8.0.549.0	Trust: 0.3
vendor:	google	model:	chrome	scope:	eq	version:	7.0.548.0	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux mipsel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux m68k	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux hppa	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux armel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux alpha	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux	scope:	eq	version:	5.0	Trust: 0.3
vendor:	srware	model:	iron	scope:	ne	version:	9.0.600.1	Trust: 0.3
vendor:	google	model:	chrome	scope:	ne	version:	9.0.597.84	Trust: 0.3

sources: BID: 46144 // JVNDB: JVNDB-2011-002852 // CNNVD: CNNVD-201102-069 // NVD: CVE-2011-0782

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0782
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2011-0782
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201102-069
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-48727
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2011-0782
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-48727
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-48727 // JVNDB: JVNDB-2011-002852 // CNNVD: CNNVD-201102-069 // NVD: CVE-2011-0782

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2011-0782

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201102-069

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201102-069

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002852

PATCH

title:	Google Chrome	url:	http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja	Trust: 0.8
title:	stable-channel-update	url:	http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html	Trust: 0.8
title:	Google Chrome SSL Repair measures for library file denial of service vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=120620	Trust: 0.6

sources: JVNDB: JVNDB-2011-002852 // CNNVD: CNNVD-201102-069

EXTERNAL IDS

db:	NVD	id:	CVE-2011-0782	Trust: 2.8
db:	JVNDB	id:	JVNDB-2011-002852	Trust: 0.8
db:	CNNVD	id:	CNNVD-201102-069	Trust: 0.7
db:	BID	id:	46144	Trust: 0.3
db:	VULHUB	id:	VHN-48727	Trust: 0.1

sources: VULHUB: VHN-48727 // BID: 46144 // JVNDB: JVNDB-2011-002852 // CNNVD: CNNVD-201102-069 // NVD: CVE-2011-0782

REFERENCES

url:	http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html	Trust: 2.0
url:	http://code.google.com/p/chromium/issues/detail?id=66931	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14243	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0782	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0782	Trust: 0.8
url:	http://www.google.com/chrome	Trust: 0.3
url:	http://www.srware.net/forum/viewtopic.php?f=18&t=2190	Trust: 0.3

sources: VULHUB: VHN-48727 // BID: 46144 // JVNDB: JVNDB-2011-002852 // CNNVD: CNNVD-201102-069 // NVD: CVE-2011-0782

CREDITS

Daniel Cheng of the Chromium development community, Aki Helin of OUSPG, Google Chrome Security Team (SkyLined, Inferno) and the Google Security Team (Michal Zalewski, David Bloom), Brian Kirchoff, Dan Morrison, Matthew Heidermann, Reddit.

Trust: 0.3

sources: BID: 46144

SOURCES

db:	VULHUB	id:	VHN-48727
db:	BID	id:	46144
db:	JVNDB	id:	JVNDB-2011-002852
db:	CNNVD	id:	CNNVD-201102-069
db:	NVD	id:	CVE-2011-0782

LAST UPDATE DATE

2024-11-23T20:22:51.428000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-48727	date:	2020-06-04T00:00:00
db:	BID	id:	46144	date:	2015-04-13T21:44:00
db:	JVNDB	id:	JVNDB-2011-002852	date:	2011-11-16T00:00:00
db:	CNNVD	id:	CNNVD-201102-069	date:	2020-06-05T00:00:00
db:	NVD	id:	CVE-2011-0782	date:	2024-11-21T01:24:49.893

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-48727	date:	2011-02-04T00:00:00
db:	BID	id:	46144	date:	2011-02-03T00:00:00
db:	JVNDB	id:	JVNDB-2011-002852	date:	2011-11-16T00:00:00
db:	CNNVD	id:	CNNVD-201102-069	date:	2011-02-09T00:00:00
db:	NVD	id:	CVE-2011-0782	date:	2011-02-04T18:00:03.420