FreeBSD330106DA-7406-11E1-A1D7-00262D5ED8EEchromium -- multiple vulnerabilities
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.209 Low
EPSS
Percentile
95.9%
Google Chrome Releases reports:
[113902] High CVE-2011-3050: Use-after-free with first-letter
handling. Credit to miaubiz.
[116162] High CVE-2011-3045: libpng integer issue from upstream.
Credit to Glenn Randers-Pehrson of the libpng project.
[116461] High CVE-2011-3051: Use-after-free in CSS cross-fade
handling. Credit to Arthur Gerkis.
[116637] High CVE-2011-3052: Memory corruption in WebGL canvas
handling. Credit to Ben Vanik of Google.
[116746] High CVE-2011-3053: Use-after-free in block splitting.
Credit to miaubiz.
[117418] Low CVE-2011-3054: Apply additional isolations to webui
privileges. Credit to Sergey Glazunov.
[117736] Low CVE-2011-3055: Prompt in the browser native UI for
unpacked extension installation. Credit to PinkiePie.
[117550] High CVE-2011-3056: Cross-origin violation with “magic
iframe”. Credit to Sergey Glazunov.
[117794] Medium CVE-2011-3057: Invalid read in v8. Credit to
Christian Holler.
[108648] Low CVE-2011-3049: Extension web request API can
interfere with system requests. Credit to Michael Gundlach.
Fixed in an earlier release.
Related
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.209 Low
EPSS
Percentile
95.9%