Lucene search

ChromeCVE-2011-1796

HistoryDec 26, 2014 - 2:59 a.m.

CVE-2011-1796

2014-12-2602:59:03

Chrome

web.nvd.nist.gov

cve-2011-1796

use-after-free vulnerability

frameview

calculatescrollbarmodesforlayout

webcore

webkit

google chrome

denial of service

application crash

remote attackers

crafted javascript code

removechild method

frame element

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

71.1%

JSON

Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that calls the removeChild method during interaction with a FRAME element.

Affected configurations

Nvd

Node

googlechromeRange≤11.0.696.64

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::

References

crbug.com/79055

launchpad.net/bugs/778822

trac.webkit.org/changeset/84300

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.003

Percentile

71.1%

JSON

Related for CVE-2011-1796