var-201102-0350
Vulnerability from variot
Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. WebKit is prone to a denial-of-service vulnerability. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A use-after-free vulnerability exists in WebCore in WebKit versions prior to r77705 used in Google Chrome versions prior to 11.0.672.2 and others. The vulnerability is related to improper handling of temporary items by the HistoryController component
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "chrome",
"scope": "lt",
"trust": 1.0,
"vendor": "google",
"version": "11.0.672.2"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "11.0.672.2 products"
},
{
"model": "webkit",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "r77705"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.36"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.45"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.41"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.46"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.40"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.42"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.4"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "10.0.648.204"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "9.0.597.44"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "10.0.648.18"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.5"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2"
},
{
"model": "open source project webkit r52833",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52401",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r51295",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r38566",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.x"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2-1"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "chrome",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "11"
},
{
"model": "open source project webkit r77705",
"scope": "ne",
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "chrome",
"scope": "ne",
"trust": 0.3,
"vendor": "google",
"version": "11.0.672.2"
}
],
"sources": [
{
"db": "BID",
"id": "46577"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:google:chrome",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:webkit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit",
"sources": [
{
"db": "BID",
"id": "46577"
}
],
"trust": 0.3
},
"cve": "CVE-2011-1059",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1059",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-49004",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-1059",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2011-1059",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-320",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-49004",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49004"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. WebKit is prone to a denial-of-service vulnerability. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A use-after-free vulnerability exists in WebCore in WebKit versions prior to r77705 used in Google Chrome versions prior to 11.0.672.2 and others. The vulnerability is related to improper handling of temporary items by the HistoryController component",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1059"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "BID",
"id": "46577"
},
{
"db": "VULHUB",
"id": "VHN-49004"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1059",
"trust": 2.8
},
{
"db": "BID",
"id": "46577",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-49004",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49004"
},
{
"db": "BID",
"id": "46577"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"id": "VAR-201102-0350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-49004"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:42:52.384000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "52819",
"trust": 0.8,
"url": "https://bugs.webkit.org/show_bug.cgi?id=52819"
},
{
"title": "Dev Channel Update",
"trust": 0.8,
"url": "http://googlechromereleases.blogspot.com/2011/02/dev-channel-update_17.html"
},
{
"title": "bug-52819-20110204143234",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39484"
},
{
"title": "bug-52819-20110203154913",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39483"
},
{
"title": "bug-52819-20110202180818",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39482"
},
{
"title": "bug-52819-20110201190219",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39481"
},
{
"title": "bug-52819-20110121140238",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=39480"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-416",
"trust": 1.1
},
{
"problemtype": "CWE-399",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49004"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://googlechromereleases.blogspot.com/2011/02/dev-channel-update_17.html"
},
{
"trust": 2.0,
"url": "http://trac.webkit.org/changeset/77705"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46577"
},
{
"trust": 1.7,
"url": "http://code.google.com/p/chromium/issues/detail?id=70315"
},
{
"trust": 1.7,
"url": "https://bugs.webkit.org/show_bug.cgi?id=52819"
},
{
"trust": 1.7,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13943"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65714"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1059"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1059"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-49004"
},
{
"db": "BID",
"id": "46577"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-49004"
},
{
"db": "BID",
"id": "46577"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-22T00:00:00",
"db": "VULHUB",
"id": "VHN-49004"
},
{
"date": "2011-02-25T00:00:00",
"db": "BID",
"id": "46577"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"date": "2011-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"date": "2011-02-22T19:00:02.973000",
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-06-03T00:00:00",
"db": "VULHUB",
"id": "VHN-49004"
},
{
"date": "2011-02-25T00:00:00",
"db": "BID",
"id": "46577"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004319"
},
{
"date": "2020-06-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-320"
},
{
"date": "2024-11-21T01:25:25.617000",
"db": "NVD",
"id": "CVE-2011-1059"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google Chrome And used in other products WebKit of WebCore Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004319"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-320"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…