Origin validation error in Google Chrome - CVE-2011-2856

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Vulnerabilities #VU44717

Origin validation error in Google Chrome - CVE-2011-2856

Published: September 19, 2011 / Updated: August 11, 2020


Vulnerability identifier: #VU44717
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2011-2856
CWE-ID: CWE-346
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Google
Affected software:
Google Chrome

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.


How to mitigate CVE-2011-2856

Install update from vendor's website.

Sources