Lucene search

[email protected]CVE-2011-3895

HistoryNov 11, 2011 - 11:55 a.m.

CVE-2011-3895

2011-11-1111:55:02

CWE-787

[email protected]

web.nvd.nist.gov

cve

2011

3895

buffer overflow

vorbis decoder

google chrome

denial of service

nvd

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.1%

JSON

Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

Affected configurations

NVD

Node

googlechromeRange<15.0.874.120

Node

debiandebian_linuxMatch6.0

CPENameOperatorVersion
google:chromegoogle chromelt15.0.874.120

CPE	Name	Operator	Version
google:chrome	google chrome	lt	15.0.874.120

References

code.google.com/p/chromium/issues/detail?id=101458

googlechromereleases.blogspot.com/2011/11/stable-channel-update.html

secunia.com/advisories/46933

secunia.com/advisories/49089

www.debian.org/security/2012/dsa-2471

www.mandriva.com/security/advisories?name=MDVSA-2012:074

www.mandriva.com/security/advisories?name=MDVSA-2012:075

www.mandriva.com/security/advisories?name=MDVSA-2012:076

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.1%

JSON

Related for CVE-2011-3895

ubuntucve1 prion1 debiancve1 cvelist1 nvd1 nessus10 openvas17 chrome1 gentoo2 securityvulns3 debian1 osv1 freebsd2 kitploit1