CVE-2011-1042 - Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta all

CVE-2011-1042

Summary

Use-after-free vulnerability in flimflamd in flimflam in Google Chrome OS before 0.9.130.14 Beta allows user-assisted remote attackers to cause a denial of service (daemon crash) by providing the name of a hidden WiFi network that does not respond to connection attempts.

References

Vulnerable Configurations

cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:0.9.110.6:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:0.9.110.6:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:0.9.126.0:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:0.9.126.0:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.342:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.342:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.343:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.343:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.344:*:*:*:*:*:*:*
cpe:2.3:o:google:chrome_os:8.0.552.344:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

confirm	http://code.google.com/p/chromium-os/issues/detail?id=8871 http://codereview.chromium.org/5255012 http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html
xf	google-chrome-flimflamd-dos(65556)

Last major update

17-08-2017 - 01:33

Published

18-02-2011 - 17:00

Last modified

17-08-2017 - 01:33