PRIOn knowledge basePRION:CVE-2011-3895

HistoryNov 11, 2011 - 11:55 a.m.

Heap overflow

2011-11-1111:55:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.3%

JSON

Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.

CPENameOperatorVersion
debian_linuxeq6.0
chromelt15.0.874.120

CPE	Name	Operator	Version
	debian_linux	eq	6.0
	chrome	lt	15.0.874.120

References

secunia.com/advisories/46933

secunia.com/advisories/49089

www.debian.org/security/2012/dsa-2471

www.mandriva.com/security/advisories?name=MDVSA-2012:074

www.mandriva.com/security/advisories?name=MDVSA-2012:075

www.mandriva.com/security/advisories?name=MDVSA-2012:076

code.google.com/p/chromium/issues/detail?id=101458

googlechromereleases.blogspot.com/2011/11/stable-channel-update.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551

7.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.3%

JSON

Related for PRION:CVE-2011-3895