Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-3881
HistoryOct 25, 2011 - 12:00 a.m.

CVE-2011-3881

2011-10-2500:00:00
ubuntu.com
ubuntu.com
14

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.7%

JSON

WebKit, as used in Google Chrome before 15.0.874.102 and Android before
4.4, allows remote attackers to bypass the Same Origin Policy and conduct
Universal XSS (UXSS) attacks via vectors related to (1) the
DOMWindow::clear function and use of a selection object, (2) the
Object::GetRealNamedPropertyInPrototypeChain function and use of an
proto property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL
function and use of a javascript: URL, (4) incorrect origins for
XSLT-generated documents in the XSLTProcessor::createDocumentFromSource
function, and (5) improper handling of synchronous frame loads in the
ScriptController::executeIfJavaScriptURL function.

Bugs

Notes

Author Note
jdstrand qt4-x11 unmaintained upstream (see README.webkit for details)
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchchromium-browser< 23.0.1271.97-0ubuntu0.10.04.1UNKNOWN
ubuntu11.10noarchchromium-browser< 23.0.1271.97-0ubuntu0.11.10.1UNKNOWN

Related

cve 1
debiancve 1
nvd 1
prion 1
cvelist 1
openvas 14
nessus 9
threatpost 1
chrome 1
gentoo 1
securityvulns 2
freebsd 1
cve
cve
CVE-2011-3881
2011-10-25 19:55:01
debiancve
debiancve
CVE-2011-3881
2011-10-25 19:55:00
nvd
nvd
CVE-2011-3881
2011-10-25 19:55:01
prion
prion
Design/Logic Flaw
2011-10-25 19:55:00
cvelist
cvelist
CVE-2011-3881
2011-10-25 19:00:00
openvas
openvas
Google Chrome Multiple Vulnerabilities - October11 (Windows)
2011-10-28 00:00:00
Google Chrome multiple vulnerabilities - October11 (Mac OS X)
2011-10-28 00:00:00
Google Chrome Multiple Vulnerabilities (Oct 2011) - Linux
2011-10-28 00:00:00
nessus
nessus
Google Chrome < 15.0.874.102 Multiple Vulnerabilities
2011-10-26 00:00:00
Google Chrome < 15.0.874.102 Multiple Vulnerabilities
2011-10-26 00:00:00
Google Chrome < 15.0.874.102 Multiple Vulnerabilities
2011-10-26 00:00:00
threatpost
threatpost
Google Fixes 27 Bugs in Chrome 15
2011-10-25 17:51:34
chrome
chrome
Chrome Stable Release
2011-10-25 00:00:00
gentoo
gentoo
Chromium, V8: Multiple vulnerabilities
2011-11-01 00:00:00
securityvulns
securityvulns
Apple WebKit &#40;iTunes, iPhone, Safari, Google Chrome&#41; multiple security vulnerabilities
2012-08-27 00:00:00
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update
2012-03-09 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2010-10-19 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.7%

JSON
Related for UB:CVE-2011-3881
cve1debiancve1nvd1prion1cvelist1openvas14nessus9threatpost1chrome1gentoo1securityvulns2freebsd1