Main Vulnerability Database Vulnerabilities #VU44646

Input validation error in Google Chrome - CVE-2011-2879

Published: October 4, 2011 / Updated: August 11, 2020

Vulnerability identifier: #VU44646

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2011-2879

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Google

Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Google Chrome before 14.0.835.202 does not properly consider object lifetimes and thread safety during the handling of audio nodes, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

How to mitigate CVE-2011-2879

Install update from vendor's website.

Sources

http://code.google.com/p/chromium/issues/detail?id=96150
http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14496

Input validation error in Google Chrome - CVE-2011-2879

Detailed vulnerability description

How to mitigate CVE-2011-2879

Sources

Please verify you're human