ID

VAR-201110-0472


CVE

CVE-2011-3881


TITLE

Used in multiple products Webkit Vulnerabilities that bypass the same origin policy

Trust: 0.8

sources: JVNDB: JVNDB-2011-002672

DESCRIPTION

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. Used in multiple products Webkit Has the same origin policy (Same origin policy) There are vulnerabilities that can be avoided.Same origin policy by a third party (Same origin policy) May be avoided. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code, steal cookie-based authentication credentials, bypass the cross-origin restrictions, perform spoofing attacks, and disclose potentially sensitive information, other attacks may also be possible. Versions prior to Chrome 15.0.874.102 are vulnerable. Google Chrome is a web browser developed by Google (Google). Remote attackers can bypass the same-origin policy with the help of unidentified vectors. These could be used in a malicious web site to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed through an improved domain name validity check. This issue does not affect OS X systems. CVE-ID CVE-2012-0640 : nshah WebKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7.3, OS X Lion Server v10.7.3, Windows 7, Vista, XP SP2 or later Impact: HTTP authentication credentials may be inadvertently disclosed to another site Description: If a site uses HTTP authentication and redirects to another site, the authentication credentials may be sent to the other site. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA48288 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48288/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48288 RELEASE DATE: 2012-03-09 DISCUSS ADVISORY: http://secunia.com/advisories/48288/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48288/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48288 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device. 1) An error within the CFNetwork component when handling URLs can be exploited to disclose sensitive information by tricking the user into visiting a malicious website. 3) A logic error within the kernel does not properly handle debug system calls and can be exploited to bypass the sandbox restrictions. 4) An integer overflow error within the libresolv library when handling DNS resource records can be exploited to corrupt heap memory. 9) A cross-origin error in the WebKit component can be exploited to bypass the same-origin policy and disclose a cookie by tricking the user into visiting a malicious website. 10) An error within the WebKit component when handling drag-and-drop actions can be exploited to conduct cross-site scripting attacks. 11) Multiple unspecified errors within the WebKit component can be exploited to conduct cross-site scripting attacks. 12) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. SOLUTION: Apply iOS 5.1 Software Update. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Erling Ellingsen, Facebook. 2, 8) pod2g. 3) 2012 iOS Jailbreak Dream Team. 5) Roland Kohler, the German Federal Ministry of Economics and Technology. 6) Eric Melville, American Express. 9) Sergey Glazunov. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5192 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-03-07-2 iOS 5.1 Software Update iOS 5.1 Software Update is now available and addresses the following: CFNetwork Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. When accessing a maliciously crafted URL, CFNetwork could send unexpected request headers. CVE-ID CVE-2012-0641 : Erling Ellingsen of Facebook HFS Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Mounting a maliciously crafted disk image may lead to a device shutdown or arbitrary code execution Description: An integer underflow existed with the handling of HFS catalog files. CVE-ID CVE-2012-0642 : pod2g Kernel Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious program could bypass sandbox restrictions Description: A logic issue existed in the handling of debug system calls. This may allow a malicious program to gain code execution in other programs with the same user privileges. CVE-ID CVE-2012-0643 : 2012 iOS Jailbreak Dream Team libresolv Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Applications that use the libresolv library may be vulnerable to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of DNS resource records, which may lead to heap memory corruption. CVE-ID CVE-2011-3453 : Ilja van Sprundel of IOActive Passcode Lock Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A person with physical access to the device may be able to bypass the screen lock Description: A race condition issue existed in the handling of slide to dial gestures. This may allow a person with physical access to the device to bypass the Passcode Lock screen. CVE-ID CVE-2012-0644 : Roland Kohler of the German Federal Ministry of Economics and Technology Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Web page visits may be recorded in browser history even when Private Browsing is active Description: Safari's Private Browsing is designed to prevent recording of a browsing session. Pages visited as a result of a site using the JavaScript methods pushState or replaceState were recorded in the browser history even when Private Browsing mode was active. This issue is addressed by not recording such visits when Private Browsing is active. CVE-ID CVE-2012-0585 : Eric Melville of American Express Siri Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: An attacker with physical access to a locked phone could get access to frontmost email message Description: A design issue existed in Siri's lock screen restrictions. If Siri was enabled for use on the lock screen, and Mail was open with a message selected behind the lock screen, a voice command could be used to send that message to an arbitrary recipient. This issue is addressed by disabling forwarding of active messages from the lock screen. CVE-ID CVE-2012-0645 VPN Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A maliciously crafted system configuration file may lead to arbitrary code execution with system privileges Description: A format string vulnerability existed in the handling of racoon configuration files. CVE-ID CVE-2012-0646 : pod2g WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to the disclosure of cookies Description: A cross-origin issue existed in WebKit, which may allow cookies to be disclosed across origins. CVE-ID CVE-2011-3887 : Sergey Glazunov WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website and dragging content with the mouse may lead to a cross-site scripting attack Description: A cross-origin issue existed in WebKit, which may allow content to be dragged and dropped across origins. CVE-ID CVE-2012-0590 : Adam Barth of Google Chrome Security Team WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: Multiple cross-origin issues existed in WebKit. CVE-ID CVE-2011-3881 : Sergey Glazunov CVE-2012-0586 : Sergey Glazunov CVE-2012-0587 : Sergey Glazunov CVE-2012-0588 : Jochen Eisinger of Google Chrome Team CVE-2012-0589 : Alan Austin of polyvore.com WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. CVE-ID CVE-2011-2825 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-2833 : Apple CVE-2011-2846 : Arthur Gerkis, miaubiz CVE-2011-2847 : miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2854 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2855 : Arthur Gerkis, wushi of team509 working with iDefense VCP CVE-2011-2857 : miaubiz CVE-2011-2860 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2867 : Dirk Schulze CVE-2011-2868 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2869 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2870 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2871 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2872 : Abhishek Arya (Inferno) and Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2873 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2877 : miaubiz CVE-2011-3885 : miaubiz CVE-2011-3888 : miaubiz CVE-2011-3897 : pa_kt working with TippingPoint's Zero Day Initiative CVE-2011-3908 : Aki Helin of OUSPG CVE-2011-3909 : Google Chrome Security Team (scarybeasts) and Chu CVE-2011-3928 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2012-0591 : miaubiz, and Martin Barbella CVE-2012-0592 : Alexander Gavrun working with TippingPoint's Zero Day Initiative CVE-2012-0593 : Lei Zhang of the Chromium development community CVE-2012-0594 : Adam Klein of the Chromium development community CVE-2012-0595 : Apple CVE-2012-0596 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0597 : miaubiz CVE-2012-0598 : Sergey Glazunov CVE-2012-0599 : Dmytro Gorbunov of SaveSources.com CVE-2012-0600 : Marshall Greenblatt, Dharani Govindan of Google Chrome, miaubiz, Aki Helin of OUSPG, Apple CVE-2012-0601 : Apple CVE-2012-0602 : Apple CVE-2012-0603 : Apple CVE-2012-0604 : Apple CVE-2012-0605 : Apple CVE-2012-0606 : Apple CVE-2012-0607 : Apple CVE-2012-0608 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0609 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0610 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0611 : Martin Barbella using AddressSanitizer CVE-2012-0612 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0613 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0614 : miaubiz, Martin Barbella using AddressSanitizer CVE-2012-0615 : Martin Barbella using AddressSanitizer CVE-2012-0616 : miaubiz CVE-2012-0617 : Martin Barbella using AddressSanitizer CVE-2012-0618 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0619 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0620 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0621 : Martin Barbella using AddressSanitizer CVE-2012-0622 : Dave Levin and Abhishek Arya of the Google Chrome Security Team CVE-2012-0623 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0624 : Martin Barbella using AddressSanitizer CVE-2012-0625 : Martin Barbella CVE-2012-0626 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0627 : Apple CVE-2012-0628 : Slawomir Blazek, miaubiz, Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2012-0629 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0630 : Sergio Villar Senin of Igalia CVE-2012-0631 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2012-0632 : Cris Neckar of the Google Chrome Security Team using AddressSanitizer CVE-2012-0633 : Apple CVE-2012-0635 : Julien Chaffraix of the Chromium development community, Martin Barbella using AddressSanitizer Installation note: This update is only available through iTunes, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/ iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad. The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "5.1". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iQEcBAEBAgAGBQJPV6M3AAoJEGnF2JsdZQeef/cIAKBSn0czLzJO9fu6ZyjLRvxq 4pIZgfyEVGBzpn+9IeiGFTkkVf+bOsA+Q3RlcsG5g0RlbyFgnuWu59HHsnkrElbM bCfnnTF5eYZX/3fnLzxpX7BUsEona3nf1gHfR24OeEn36C8rZ6rZJfMLqCJNNZGY RDSga1oeMN/AbgZuR9sYKudkE0GOmkLZfR2G4WXmrU+JncR6XoROUwoJBPhg8z90 HAxgDEbduuLLOSe7CHLS3apbh0L2tmxPCWpiBmEMg6PTlFF0HhJQJ0wusrUc8nX6 7TDsAho73wCOpChzBGQeemc6+UEN2uDmUgwVkN6n4D/qN1u6E+d3coUXOlb8hIY= =qPeE -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Chromium, V8: Multiple vulnerabilities Date: November 01, 2011 Bugs: #351525, #353626, #354121, #356933, #357963, #358581, #360399, #363629, #365125, #366335, #367013, #368649, #370481, #373451, #373469, #377475, #377629, #380311, #380897, #381713, #383251, #385649, #388461 ID: 201111-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation. Background ========== Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/chromium < 15.0.874.102 >= 15.0.874.102 2 dev-lang/v8 < 3.5.10.22 >= 3.5.10.22 ------------------------------------------------------------------- 2 affected packages ------------------------------------------------------------------- Description =========== Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact ====== A local attacker could gain root privileges (CVE-2011-1444, fixed in chromium-11.0.696.57). A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All Chromium users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-15.0.874.102" All V8 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.5.10.22" References ========== [ 1 ] CVE-2011-2345 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2345 [ 2 ] CVE-2011-2346 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2346 [ 3 ] CVE-2011-2347 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2347 [ 4 ] CVE-2011-2348 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2348 [ 5 ] CVE-2011-2349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2349 [ 6 ] CVE-2011-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2350 [ 7 ] CVE-2011-2351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2351 [ 8 ] CVE-2011-2834 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2834 [ 9 ] CVE-2011-2835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2835 [ 10 ] CVE-2011-2837 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2837 [ 11 ] CVE-2011-2838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2838 [ 12 ] CVE-2011-2839 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2839 [ 13 ] CVE-2011-2840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2840 [ 14 ] CVE-2011-2841 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2841 [ 15 ] CVE-2011-2843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2843 [ 16 ] CVE-2011-2844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2844 [ 17 ] CVE-2011-2845 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2845 [ 18 ] CVE-2011-2846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2846 [ 19 ] CVE-2011-2847 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2847 [ 20 ] CVE-2011-2848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2848 [ 21 ] CVE-2011-2849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2849 [ 22 ] CVE-2011-2850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2850 [ 23 ] CVE-2011-2851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2851 [ 24 ] CVE-2011-2852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2852 [ 25 ] CVE-2011-2853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2853 [ 26 ] CVE-2011-2854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2854 [ 27 ] CVE-2011-2855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2855 [ 28 ] CVE-2011-2856 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2856 [ 29 ] CVE-2011-2857 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2857 [ 30 ] CVE-2011-2858 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2858 [ 31 ] CVE-2011-2859 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2859 [ 32 ] CVE-2011-2860 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2860 [ 33 ] CVE-2011-2861 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2861 [ 34 ] CVE-2011-2862 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2862 [ 35 ] CVE-2011-2864 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2864 [ 36 ] CVE-2011-2874 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2874 [ 37 ] CVE-2011-3234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3234 [ 38 ] CVE-2011-3873 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3873 [ 39 ] CVE-2011-3875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3875 [ 40 ] CVE-2011-3876 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3876 [ 41 ] CVE-2011-3877 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3877 [ 42 ] CVE-2011-3878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3878 [ 43 ] CVE-2011-3879 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3879 [ 44 ] CVE-2011-3880 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3880 [ 45 ] CVE-2011-3881 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3881 [ 46 ] CVE-2011-3882 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3882 [ 47 ] CVE-2011-3883 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3883 [ 48 ] CVE-2011-3884 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3884 [ 49 ] CVE-2011-3885 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3885 [ 50 ] CVE-2011-3886 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3886 [ 51 ] CVE-2011-3887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3887 [ 52 ] CVE-2011-3888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3888 [ 53 ] CVE-2011-3889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3889 [ 54 ] CVE-2011-3890 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3890 [ 55 ] CVE-2011-3891 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3891 [ 56 ] Release Notes 10.0.648.127 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html [ 57 ] Release Notes 10.0.648.133 http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html [ 58 ] Release Notes 10.0.648.205 http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html [ 59 ] Release Notes 11.0.696.57 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html [ 60 ] Release Notes 11.0.696.65 http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html [ 61 ] Release Notes 11.0.696.68 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html [ 62 ] Release Notes 11.0.696.71 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html [ 63 ] Release Notes 12.0.742.112 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html [ 64 ] Release Notes 12.0.742.91 http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html [ 65 ] Release Notes 13.0.782.107 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html [ 66 ] Release Notes 13.0.782.215 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html [ 67 ] Release Notes 13.0.782.220 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html [ 68 ] Release Notes 14.0.835.163 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html [ 69 ] Release Notes 14.0.835.202 http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html [ 70 ] Release Notes 15.0.874.102 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html [ 71 ] Release Notes 8.0.552.237 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html [ 72 ] Release Notes 9.0.597.107 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html [ 73 ] Release Notes 9.0.597.84 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html [ 74 ] Release Notes 9.0.597.94 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201111-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.43

sources: NVD: CVE-2011-3881 // JVNDB: JVNDB-2011-002672 // BID: 50360 // VULHUB: VHN-51826 // PACKETSTORM: 110716 // PACKETSTORM: 110650 // PACKETSTORM: 110591 // PACKETSTORM: 110779 // PACKETSTORM: 106471

AFFECTED PRODUCTS

vendor:googlemodel:chromescope:ltversion:15.0.874.102

Trust: 1.8

vendor:applemodel:safariscope:ltversion:5.1.4

Trust: 1.8

vendor:googlemodel:androidscope:ltversion:4.4

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:5.1

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7.3

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7.3

Trust: 0.8

vendor:applemodel:iosscope:ltversion:5.1 (ipad and ipad 2)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:5.1 (iphone 3gs)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:5.1 (iphone 4)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:5.1 (iphone 4s)

Trust: 0.8

vendor:applemodel:iosscope:ltversion:5.1 (ipod touch (3rd generation) or later )

Trust: 0.8

vendor:applemodel:ipadscope: - version: -

Trust: 0.8

vendor:applemodel:iphonescope: - version: -

Trust: 0.8

vendor:applemodel:ipod touchscope: - version: -

Trust: 0.8

vendor:googlemodel:chromescope:eqversion:13.0.775.4

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.1

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.776.1

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.4

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.775.2

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.2

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.776.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.3

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:13.0.777.5

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:8.0.552.220

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.101

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.94

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.57

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.100

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0.2.20

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.223

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.8

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.303

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.506.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1.8

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0

Trust: 0.3

vendor:applemodel:itunesscope:neversion:10.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.511.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.531.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.20

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.43

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.300

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.539.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.529.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.535.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.203

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.531.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.536.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.105

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.10

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.211

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.28

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.499.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.18

Trust: 0.3

vendor:applemodel:safari for windowsscope:neversion:5.1.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.541.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.221

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.536.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.39

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.30

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.507.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.104

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.524.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.213

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.306

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.102

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.0.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.530.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.6

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.17

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.307

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.204

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:3.2.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.208

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.128

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.511.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.19

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.503.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.507.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.301

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.521.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.507.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.18

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.520.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.2

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:11.0.700.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.544.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.528.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.500.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.1.2

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.0.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.15

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.6

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.205

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.16

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.4

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.6

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.17

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.35

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.204

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.222

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.215

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.127

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.65

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.31

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.21

Trust: 0.3

vendor:applemodel:ipod touchscope:eqversion:0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.10

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.225

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.526.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.21

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.498.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.20

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.505.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.535.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.497.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.16

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.514.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.107

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.302

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.219

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.310

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.515.0

Trust: 0.3

vendor:applemodel:iosscope:neversion:5.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.218

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.103

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.217

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:13.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.224

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.27

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.112

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.71

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:8.0.555.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.100

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.34

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.540.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.7

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.499.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.548.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.542.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.518.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.529.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.91

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.9

Trust: 0.3

vendor:applemodel:iosscope:eqversion:2.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.510.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.511.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.38

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.308

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.529.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.0.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.84

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.210

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.550.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.525.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.24

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.503.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.547.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.536.2

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.33

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:11.0.700.2

Trust: 0.3

vendor:applemodel:ios betascope:eqversion:4.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.536.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.9

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.23

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13.0.782.107

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.500.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.309

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.77

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.214

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.209

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.202

Trust: 0.3

vendor:applemodel:iphonescope:eqversion:0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.226

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.37

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.547.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.201

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.509.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.531.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.26

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.32

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.22

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.507.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.40

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.43

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.68

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.672.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.36

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.0.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.8

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.1.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.42

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.7

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.504.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.549.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.44

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.1.1

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:11.0.700.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.514.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.304

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.2

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.207

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13.0.782.112

Trust: 0.3

vendor:applemodel:safari betascope:eqversion:4.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.212

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.305

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:5.0.3

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.216

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.237

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:8.0.555.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.344

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.512.0

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:15

Trust: 0.3

vendor:applemodel:ipadscope:eqversion:0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.41

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.29

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.206

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.3

Trust: 0.3

vendor:applemodel:safariscope:neversion:5.1.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.133

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.1.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.516.0

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4.0.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13.0.782.215

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.205

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.200

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.1

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:11.0.700.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.4

Trust: 0.3

vendor:googlemodel:chromescope:neversion:15.0.874102

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.536.3

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.19

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.537.0

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:9.0.600.1

Trust: 0.3

vendor:applemodel:safari for windowsscope:eqversion:4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.538.0

Trust: 0.3

vendor:srwaremodel:ironscope:eqversion:13.0.800.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.519.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.3.1

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.5

Trust: 0.3

vendor:srwaremodel:ironscope:neversion:15.0.900.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.513.0

Trust: 0.3

vendor:applemodel:iosscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.4

Trust: 0.3

vendor:applemodel:iosscope:eqversion:4.2.6

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.517.25

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:7.0.522.0

Trust: 0.3

sources: BID: 50360 // JVNDB: JVNDB-2011-002672 // CNNVD: CNNVD-201110-608 // NVD: CVE-2011-3881

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-3881
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-3881
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201110-608
value: MEDIUM

Trust: 0.6

VULHUB: VHN-51826
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-3881
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2011-3881
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-51826
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-51826 // JVNDB: JVNDB-2011-002672 // CNNVD: CNNVD-201110-608 // NVD: CVE-2011-3881

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.1

sources: VULHUB: VHN-51826 // NVD: CVE-2011-3881

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201110-608

TYPE

xss

Trust: 0.7

sources: PACKETSTORM: 110650 // CNNVD: CNNVD-201110-608

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002672

PATCH

title:HT5192url:http://support.apple.com/kb/HT5192

Trust: 0.8

title:HT5190url:http://support.apple.com/kb/HT5190

Trust: 0.8

title:Google Chromeurl:http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja

Trust: 0.8

title:chrome-stable-releaseurl:http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

Trust: 0.8

title:googlechromeurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40913

Trust: 0.6

title:google-chrome-stable_current_x86_64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40917

Trust: 0.6

title:chrome_installerurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40912

Trust: 0.6

title:google-chrome-stable_current_i386url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40916

Trust: 0.6

title:google-chrome-stable_current_i386url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40915

Trust: 0.6

title:google-chrome-stable_current_amd64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40914

Trust: 0.6

sources: JVNDB: JVNDB-2011-002672 // CNNVD: CNNVD-201110-608

EXTERNAL IDS

db:NVDid:CVE-2011-3881

Trust: 3.1

db:SECUNIAid:48377

Trust: 1.8

db:SECUNIAid:48288

Trust: 1.8

db:SECTRACKid:1026774

Trust: 1.7

db:JVNDBid:JVNDB-2011-002672

Trust: 0.8

db:CNNVDid:CNNVD-201110-608

Trust: 0.7

db:BIDid:50360

Trust: 0.3

db:VULHUBid:VHN-51826

Trust: 0.1

db:PACKETSTORMid:110716

Trust: 0.1

db:PACKETSTORMid:110650

Trust: 0.1

db:PACKETSTORMid:110591

Trust: 0.1

db:PACKETSTORMid:110779

Trust: 0.1

db:PACKETSTORMid:106471

Trust: 0.1

sources: VULHUB: VHN-51826 // BID: 50360 // JVNDB: JVNDB-2011-002672 // PACKETSTORM: 110716 // PACKETSTORM: 110650 // PACKETSTORM: 110591 // PACKETSTORM: 110779 // PACKETSTORM: 106471 // CNNVD: CNNVD-201110-608 // NVD: CVE-2011-3881

REFERENCES

url:http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

Trust: 2.1

url:http://lists.apple.com/archives/security-announce/2012/mar/msg00001.html

Trust: 1.7

url:http://lists.apple.com/archives/security-announce/2012/mar/msg00003.html

Trust: 1.7

url:http://code.google.com/p/chromium/issues/detail?id=96047

Trust: 1.7

url:http://code.google.com/p/chromium/issues/detail?id=96885

Trust: 1.7

url:http://code.google.com/p/chromium/issues/detail?id=98053

Trust: 1.7

url:http://code.google.com/p/chromium/issues/detail?id=99512

Trust: 1.7

url:http://code.google.com/p/chromium/issues/detail?id=99750

Trust: 1.7

url:https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef

Trust: 1.7

url:http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html

Trust: 1.7

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12940

Trust: 1.7

url:http://www.securitytracker.com/id?1026774

Trust: 1.7

url:http://secunia.com/advisories/48288

Trust: 1.7

url:http://secunia.com/advisories/48377

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/70959

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3881

Trust: 0.8

url:http://jvn.jp/cert/jvnvu341747/

Trust: 0.8

url:http://jvn.jp/cert/jvnvu428075/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3881

Trust: 0.8

url:http://www.google.com/chrome

Trust: 0.3

url:http://www.srware.net/forum/viewtopic.php?f=18&t=2753

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2847

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2855

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2854

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2846

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2867

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3888

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2872

Trust: 0.2

url:http://support.apple.com/kb/ht1222

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2877

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2871

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3887

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2869

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0585

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2860

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3885

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3928

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2873

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2870

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2868

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2857

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3897

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2825

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3908

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0586

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3881

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-3909

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-2833

Trust: 0.2

url:http://secunia.com/psi_30_beta_launch

Trust: 0.2

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.2

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.2

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2012-0584

Trust: 0.1

url:http://www.apple.com/safari/download/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2866

Trust: 0.1

url:http://secunia.com/advisories/48288/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48288

Trust: 0.1

url:http://secunia.com/advisories/48288/

Trust: 0.1

url:http://support.apple.com/kb/ht5192

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-3453

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2012-0587

Trust: 0.1

url:http://support.apple.com/kb/ht5190

Trust: 0.1

url:http://secunia.com/advisories/48377/#comments

Trust: 0.1

url:http://secunia.com/advisories/48377/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48377

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2849

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2841

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2351

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2847

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3875

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3890

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2350

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3884

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2848

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2853

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2835

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2837

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3879

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3888

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2859

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3881

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3889

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2351

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2844

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2843

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3876

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2844

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2345

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2837

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2853

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2834

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2845

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3877

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2349

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3880

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201111-01.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2347

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2841

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2835

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2349

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2861

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2862

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2838

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2839

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2849

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2346

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/09/stable-channel-update.html

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2858

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3891

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2855

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3887

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3878

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3873

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2840

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2854

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2850

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/05/beta-and-stable-channel-update.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2838

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2834

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3883

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2851

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2840

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2857

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2346

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2347

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2846

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2348

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2850

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2852

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2856

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2874

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2348

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2864

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2350

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2345

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2860

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3234

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2845

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2848

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3886

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2839

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3882

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3885

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2843

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

sources: VULHUB: VHN-51826 // BID: 50360 // JVNDB: JVNDB-2011-002672 // PACKETSTORM: 110716 // PACKETSTORM: 110650 // PACKETSTORM: 110591 // PACKETSTORM: 110779 // PACKETSTORM: 106471 // CNNVD: CNNVD-201110-608 // NVD: CVE-2011-3881

CREDITS

Jordi Chancel, Marc Novak, Juho Nurminen, Tom Sepez(Google Chrome Security Team), miaubiz, Masato Kinugawa, Vladimir Vorontsov(ONsec company), Sergey Glazunov, Inferno(Google Chrome Security Team), Brian Ryner(Chromium development community), Christian Hol

Trust: 0.3

sources: BID: 50360

SOURCES

db:VULHUBid:VHN-51826
db:BIDid:50360
db:JVNDBid:JVNDB-2011-002672
db:PACKETSTORMid:110716
db:PACKETSTORMid:110650
db:PACKETSTORMid:110591
db:PACKETSTORMid:110779
db:PACKETSTORMid:106471
db:CNNVDid:CNNVD-201110-608
db:NVDid:CVE-2011-3881

LAST UPDATE DATE

2024-11-23T19:27:10.024000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-51826date:2020-05-11T00:00:00
db:BIDid:50360date:2012-09-20T00:00:00
db:JVNDBid:JVNDB-2011-002672date:2012-03-21T00:00:00
db:CNNVDid:CNNVD-201110-608date:2020-05-12T00:00:00
db:NVDid:CVE-2011-3881date:2024-11-21T01:31:28.207

SOURCES RELEASE DATE

db:VULHUBid:VHN-51826date:2011-10-25T00:00:00
db:BIDid:50360date:2011-10-25T00:00:00
db:JVNDBid:JVNDB-2011-002672date:2011-11-02T00:00:00
db:PACKETSTORMid:110716date:2012-03-13T00:58:40
db:PACKETSTORMid:110650date:2012-03-11T05:32:13
db:PACKETSTORMid:110591date:2012-03-08T22:23:23
db:PACKETSTORMid:110779date:2012-03-14T05:16:27
db:PACKETSTORMid:106471date:2011-11-01T15:58:39
db:CNNVDid:CNNVD-201110-608date:2011-10-26T00:00:00
db:NVDid:CVE-2011-3881date:2011-10-25T19:55:01.540