Lucene search

K

PRIOn knowledge basePRION:CVE-2011-3640

HistoryOct 28, 2011 - 2:49 a.m.

Design/Logic Flaw

2011-10-2802:49:00

PRIOn knowledge base

www.prio-n.com

1

6.5 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

48.5%

DISPUTED Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor’s response was “Strange behavior, but we’re not treating this as a security bug.”

CPENameOperatorVersion
chromelt17.0

References

blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html

securityreason.com/securityalert/8483

bugzilla.mozilla.org/show_bug.cgi?id=641052

code.google.com/p/chromium/issues/detail?id=97426

hermes.opensuse.org/messages/13154861

hermes.opensuse.org/messages/13155432

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414

6.5 Medium

AI Score

Confidence

Low

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

48.5%

Related for PRION:CVE-2011-3640

debian2 openvas9 nessus9 osv1 cve1 ubuntucve1 debiancve1 suse1 gentoo1