Lucene search

[email protected]CVE-2011-3098

HistoryMay 16, 2012 - 12:55 a.m.

CVE-2011-3098

2012-05-1600:55:00

CWE-264

[email protected]

web.nvd.nist.gov

google chrome

windows

cve-2011-3098

nvd

security vulnerability

privilege escalation

search path

windows media player

6.1 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.

CPENameOperatorVersion
opensuse:opensuseopensuseeq12.1
google:chromegoogle chromele19.0.1084.45

CPE	Name	Operator	Version
opensuse:opensuse	opensuse	eq	12.1
google:chrome	google chrome	le	19.0.1084.45

References

code.google.com/p/chromium/issues/detail?id=124216

googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html

lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html

www.securityfocus.com/bid/53540

www.securitytracker.com/id?1027067

exchange.xforce.ibmcloud.com/vulnerabilities/75603

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15618

6.1 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2011-3098

prion1 debiancve1 msvr1 ubuntucve1 suse2 openvas6 nessus5 threatpost1 chrome1