Lucene search

[email protected]CVE-2011-2805

HistoryAug 03, 2011 - 12:55 a.m.

CVE-2011-2805

2011-08-0300:55:02

CWE-74

[email protected]

web.nvd.nist.gov

google chrome

same origin policy

cve-2011-2805

script injection

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.

Affected configurations

NVD

Node

googlechromeRange<13.0.782.107

Node

applesafariRange<5.1.1

appleiphone_osRange<5.0

CPENameOperatorVersion
google:chromegoogle chromelt13.0.782.107

CPE	Name	Operator	Version
google:chrome	google chrome	lt	13.0.782.107

References

code.google.com/p/chromium/issues/detail?id=89520

googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html

osvdb.org/74257

support.apple.com/kb/HT4999

support.apple.com/kb/HT5000

exchange.xforce.ibmcloud.com/vulnerabilities/68967

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.0%

JSON

Related for CVE-2011-2805

prion1 ubuntucve1 debiancve1 cvelist1 nvd1 openvas12 threatpost1 nessus4 chrome1 securityvulns3 freebsd1