Lucene search

MitreCVE-2011-3092

HistoryMay 16, 2012 - 12:55 a.m.

CVE-2011-3092

2012-05-1600:55:02

CWE-20

mitre

web.nvd.nist.gov

cve-2011-3092

google v8

regex implementation

denial of service

invalid write operation

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors.

Affected configurations

Nvd

Node

googlechromeRange≤19.0.1084.45

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::

References

code.google.com/p/chromium/issues/detail?id=122337

googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html

security.gentoo.org/glsa/glsa-201205-03.xml

www.securityfocus.com/bid/53540

www.securitytracker.com/id?1027067

exchange.xforce.ibmcloud.com/vulnerabilities/75597

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15610

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Related for CVE-2011-3092