Lucene search

[email protected]CVE-2011-3895

HistoryNov 11, 2011 - 11:55 a.m.

CVE-2011-3895

2011-11-1111:55:02

CWE-787

[email protected]

web.nvd.nist.gov

cve

2011

3895

buffer overflow

vorbis decoder

google chrome

denial of service

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.2%

JSON

Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

Affected configurations

NVD

Node

googlechromeRange<15.0.874.120

Node

debiandebian_linuxMatch6.0

CPENameOperatorVersion
google:chromegoogle chromelt15.0.874.120

CPE	Name	Operator	Version
google:chrome	google chrome	lt	15.0.874.120

References

code.google.com/p/chromium/issues/detail?id=101458

googlechromereleases.blogspot.com/2011/11/stable-channel-update.html

secunia.com/advisories/46933

secunia.com/advisories/49089

www.debian.org/security/2012/dsa-2471

www.mandriva.com/security/advisories?name=MDVSA-2012:074

www.mandriva.com/security/advisories?name=MDVSA-2012:075

www.mandriva.com/security/advisories?name=MDVSA-2012:076

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.6 High

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.2%

JSON

Related for CVE-2011-3895

ubuntucve1 cvelist1 nvd1 debiancve1 prion1 nessus10 openvas17 gentoo2 chrome1 securityvulns3 debian1 osv1 freebsd2 kitploit1