Input validation error in Google Chrome - CVE-2011-1193
Published: March 11, 2011 / Updated: August 11, 2020
Vulnerability identifier: #VU45242
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2011-1193
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Google
Affected software:
Google Chrome
Google Chrome
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
How to mitigate CVE-2011-1193
Install update from vendor's website.
Sources
- http://code.google.com/p/chromium/issues/detail?id=70877
- http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
- http://www.securityfocus.com/bid/46785
- http://www.vupen.com/english/advisories/2011/0628
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65957
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14035