6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.367 Low
EPSS
Percentile
96.8%
Google Chrome Releases reports:
[106577] Medium CVE-2011-3066: Out-of-bounds read in Skia clipping. Credit to miaubiz.
[117583] Medium CVE-2011-3067: Cross-origin iframe replacement.
Credit to Sergey Glazunov.
[117698] High CVE-2011-3068: Use-after-free in run-in handling.
Credit to miaubiz.
[117728] High CVE-2011-3069: Use-after-free in line box handling.
Credit to miaubiz.
[118185] High CVE-2011-3070: Use-after-free in v8 bindings. Credit
to Google Chrome Security Team (SkyLined).
[118273] High CVE-2011-3071: Use-after-free in HTMLMediaElement.
Credit to pa_kt, reporting through HP TippingPoint ZDI
(ZDI-CAN-1528).
[118467] Low CVE-2011-3072: Cross-origin violation parenting pop-up
window. Credit to Sergey Glazunov.
[118593] High CVE-2011-3073: Use-after-free in SVG resource
handling. Credit to Arthur Gerkis.
[119281] Medium CVE-2011-3074: Use-after-free in media handling.
Credit to Slawomir Blazek.
[119525] High CVE-2011-3075: Use-after-free applying style command.
Credit to miaubiz.
[120037] High CVE-2011-3076: Use-after-free in focus handling.
Credit to miaubiz.
[120189] Medium CVE-2011-3077: Read-after-free in script bindings.
Credit to Google Chrome Security Team (Inferno).