Lucene search

MitreCVE-2011-3099

HistoryMay 16, 2012 - 12:55 a.m.

CVE-2011-3099

2012-05-1600:55:03

CWE-399

mitre

web.nvd.nist.gov

cve-2011-3099

pdf

google chrome

vulnerability

denial of service

remote attackers

font encoding

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.019

Percentile

88.5%

JSON

Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding.

Affected configurations

Nvd

Node

googlechromeRange≤19.0.1084.45

VendorProductVersionCPE
googlechrome*cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	chrome	*	cpe:2.3:a:google:chrome::::::::

References

code.google.com/p/chromium/issues/detail?id=124479

googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

www.securityfocus.com/bid/53540

www.securitytracker.com/id?1027067

exchange.xforce.ibmcloud.com/vulnerabilities/75604

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15208

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

High

EPSS

0.019

Percentile

88.5%

JSON

Related for CVE-2011-3099