Lucene search

[email protected]CVE-2011-1298

HistoryNov 06, 2019 - 7:15 p.m.

CVE-2011-1298

2019-11-0619:15:11

CWE-190

[email protected]

web.nvd.nist.gov

cve-2011-1298

integer overflow

webkit

google chrome

blink m11

macos

webcore

graphicscontext

fillrect

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

An Integer Overflow exists in WebKit in Google Chrome before Blink M11 in the macOS WebCore::GraphicsContext::fillRect function.

Affected configurations

NVD

Node

googleblinkRange<m11chromium

AND

applemacosMatch-

CPENameOperatorVersion
google:blinkgoogle blinkltm11

CPE	Name	Operator	Version
google:blink	google blink	lt	m11

References

trac.webkit.org/changeset/80579

trac.webkit.org/changeset/81431

bugs.chromium.org/p/chromium/issues/detail?id=75155

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

Related for CVE-2011-1298

ubuntucve1 nvd1 cvelist1 prion1