var-201202-0017
Vulnerability from variot
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. Versions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201202-01
http://security.gentoo.org/
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: February 18, 2012 Bugs: #402841, #404067 ID: 201202-01
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 17.0.963.56 >= 17.0.963.56
Description
Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, information leak (clipboard contents), bypass of the Same Origin Policy, or escape from NativeClient's sandbox.
A remote attacker could also entice the user to perform a set of UI actions (drag and drop) to trigger an URL bar spoofing vulnerability.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-17.0.963.56"
References
[ 1 ] CVE-2011-3016 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016 [ 2 ] CVE-2011-3017 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017 [ 3 ] CVE-2011-3018 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018 [ 4 ] CVE-2011-3019 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019 [ 5 ] CVE-2011-3020 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020 [ 6 ] CVE-2011-3021 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021 [ 7 ] CVE-2011-3022 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022 [ 8 ] CVE-2011-3023 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023 [ 9 ] CVE-2011-3024 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024 [ 10 ] CVE-2011-3025 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025 [ 11 ] CVE-2011-3027 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027 [ 12 ] CVE-2011-3953 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953 [ 13 ] CVE-2011-3954 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954 [ 14 ] CVE-2011-3955 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955 [ 15 ] CVE-2011-3956 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956 [ 16 ] CVE-2011-3957 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957 [ 17 ] CVE-2011-3958 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958 [ 18 ] CVE-2011-3959 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959 [ 19 ] CVE-2011-3960 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960 [ 20 ] CVE-2011-3961 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961 [ 21 ] CVE-2011-3962 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962 [ 22 ] CVE-2011-3963 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963 [ 23 ] CVE-2011-3964 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964 [ 24 ] CVE-2011-3965 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965 [ 25 ] CVE-2011-3966 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966 [ 26 ] CVE-2011-3967 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967 [ 27 ] CVE-2011-3968 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968 [ 28 ] CVE-2011-3969 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969 [ 29 ] CVE-2011-3970 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970 [ 30 ] CVE-2011-3971 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971 [ 31 ] CVE-2011-3972 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972 [ 32 ] Release Notes 17.0.963.46
http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht= ml [ 33 ] Release Notes 17.0.963.56
http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm= l
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201202-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201202-0017", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "chrome", scope: "lt", trust: 1.8, vendor: "google", version: "17.0.963.46", }, { model: "iphone os", scope: "lt", trust: 1, vendor: "apple", version: "6.0", }, { model: "safari", scope: "lt", trust: 1, vendor: "apple", version: "6.0", }, { model: "itunes", scope: "lt", trust: 1, vendor: "apple", version: "10.7", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "6.1 (ipad 2 or later )", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "6.1 (iphone 3gs or later )", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "6.1 (ipod touch first 4 after generation )", }, { model: "safari", scope: "lt", trust: 0.8, vendor: "apple", version: "6.0 (mac os)", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.741.0", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.0", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.740.0", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.17", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.1", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.18", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.19", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.739.0", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.738.0", }, { model: "chrome", scope: "eq", trust: 0.6, vendor: "google", version: "12.0.742.16", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.220", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.101", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.10", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "9.0.597.94", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.57", }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "12.0.742.100", }, { model: "safari for windows", scope: "ne", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.4.0.80", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.0", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.1", }, { model: "enterprise linux hpc node optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.223", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.303", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "freeflow print server 73.c5.11", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "voice portal sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1.1", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6.2", }, { model: "voice portal sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.20", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.43", }, { model: "voice portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "linux enterprise server sp3 ltss", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.300", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.1", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.4", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "16.0.912.75", }, { model: "enterprise linux server optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.203", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.105", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.10", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.3", }, { model: "enterprise server", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.211", }, { model: "voice portal sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.9.3", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.18", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "13", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.221", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "safari", scope: "ne", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.10", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.104", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.12", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.213", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.306", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.102", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2011", }, { model: "enterprise linux workstation", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10.0.648.204", }, { model: "freeflow print server 81.d0.73", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.307", }, { model: "esx", scope: "eq", trust: 0.3, vendor: "vmware", version: "4.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.551.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.208", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10.0.648.128", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.19", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.2.2", }, { model: "linux lts powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.301", }, { model: "freeflow print server 93.c4.93", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "enterprise linux desktop client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.4", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.14", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.15", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.205", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.16", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.6", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.17", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "linux enterprise desktop sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "linux amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.222", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.215", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.204", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "enterprise linux workstation optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10.0.648.127", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "voice portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.1", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.65", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "linux lts sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.225", }, { model: "linux enterprise software development kit sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.21", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.7", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "solaris", scope: "eq", trust: 0.3, vendor: "oracle", version: "10", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.3", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "9.0.597.107", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.302", }, { model: "linux i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.310", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.219", }, { model: "aura system platform sp3", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "16.0.91275", }, { model: "aura system platform sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.218", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.103", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.217", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.224", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "12.0.742.112", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.71", }, { model: "itunes", scope: "ne", trust: 0.3, vendor: "apple", version: "10.7", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.100", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.6.3", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura system platform sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.1", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.0", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "oracle", version: "6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.1", }, { model: "linux sparc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "enterprise linux desktop optional", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.13", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "12.0.742.91", }, { model: "linux mandrake x86 64", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2010.1", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "voice portal sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.308", }, { model: "linux enterprise server sp2", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "voice portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "9.0.597.84", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.210", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.550.0", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.5", }, { model: "linux lts i386", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "enterprise linux hpc node", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.1", }, { model: "voice portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "13.0.782.107", }, { model: "freeflow print server 90.d3.06", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "15.0.874.120", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "14", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.77", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.309", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.3.0.3", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.2", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2011", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.214", }, { model: "one-x client enablement service", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "16", }, { model: "linux lts lpia", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "8.04", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "10.04", }, { model: "linux powerpc", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.209", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.202", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.7", }, { model: "enterprise linux server", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.226", }, { model: "linux enterprise software development kit sp2", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "linux lts amd64", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "12.04", }, { model: "linux enterprise server sp3", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.551.1", }, { model: "aura presence services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "voice portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1.3", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "1.0", }, { model: "linux arm", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "11.04", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.201", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2.4", }, { model: "chrome", scope: "ne", trust: 0.3, vendor: "google", version: "17.0.963.46", }, { model: "aura messaging", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.11", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.696.68", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11.0.672.2", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.2", }, { model: "aura presence services sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "aura presence services sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "ios", scope: "ne", trust: 0.3, vendor: "apple", version: "6", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "linux enterprise server sp4 ltss", scope: "eq", trust: 0.3, vendor: "suse", version: "10", }, { model: "linux enterprise desktop sp2", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "15.0.874.121", }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "12", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "14.0.835.163", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.549.0", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura system manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "16.0.912.77", }, { model: "aura system platform", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0.2", }, { model: "aura application enablement services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.304", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.2", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "11", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.207", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "13.0.782.112", }, { model: "communication server 1000e signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.212", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.305", }, { model: "aura experience portal", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "aura communication manager utility services", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2", }, { model: "enterprise linux desktop workstation client", scope: "eq", trust: 0.3, vendor: "redhat", version: "5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.4", }, { model: "safari for windows", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.3", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.216", }, { model: "freeflow print server 82.d1.44", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.344", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.237", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "15.0.874102", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.206", }, { model: "freeflow print server 73.d2.33", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "iq", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.1", }, { model: "aura system manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.1", }, { model: "aura system manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10.0.648.133", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.1", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.2.2", }, { model: "itunes", scope: "eq", trust: 0.3, vendor: "apple", version: "10.6.1.7", }, { model: "linux enterprise server sp3 for vmware", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.3", }, { model: "communication server 1000m signaling server", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "13.0.782.215", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "10.0.648.205", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "8.0.552.200", }, { model: "aura session manager sp1", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.0", }, { model: "enterprise server x86 64", scope: "eq", trust: 0.3, vendor: "mandrakesoft", version: "5", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "14.0.835.186", }, { model: "linux enterprise server sp2 for vmware", scope: "eq", trust: 0.3, vendor: "suse", version: "11", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.3", }, { model: "freeflow print server 93.e0.21c", scope: null, trust: 0.3, vendor: "xerox", version: null, }, { model: "aura session manager sp2", scope: "eq", trust: 0.3, vendor: "avaya", version: "5.2", }, { model: "enterprise linux desktop", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "communication server 1000e", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.5", }, { model: "aura session manager", scope: "eq", trust: 0.3, vendor: "avaya", version: "6.1.5", }, { model: "ip office server edition", scope: "eq", trust: 0.3, vendor: "avaya", version: "8.1", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "16.0.912.63", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.4", }, { model: "chrome", scope: "eq", trust: 0.3, vendor: "google", version: "14.0.835.202", }, { model: "communication server 1000m", scope: "eq", trust: 0.3, vendor: "avaya", version: "7.0", }, { model: "linux mandrake", scope: "eq", trust: 0.3, vendor: "mandriva", version: "2010.1", }, ], sources: [ { db: "BID", id: "51911", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "CNNVD", id: "CNNVD-201202-180", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:google:chrome", vulnerable: true, }, { cpe22Uri: "cpe:/o:apple:iphone_os", vulnerable: true, }, { cpe22Uri: "cpe:/a:apple:safari", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2012-001374", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "&amp;amp;amp;amp;amp;amp;amp;amp;lt;br&amp;amp;amp;amp;amp;amp;amp;amp;gt;Daniel Cheng of the Chromium development community, Collin Payne, David Grogan of the Chromium development community, Devdatta Akhawe, UC Berkeley, Aki Helin of OUSPG, miaubi", sources: [ { db: "BID", id: "51911", }, ], trust: 0.3, }, cve: "CVE-2011-3971", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2011-3971", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-51916", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "nvd@nist.gov", id: "CVE-2011-3971", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2011-3971", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-201202-180", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-51916", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-51916", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "CNNVD", id: "CNNVD-201202-180", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the context of the browser or cause denial-of-service conditions; other attacks may also be possible. \nVersions prior to Chrome 17.0.963.46 are vulnerable. Google Chrome is a web browser developed by Google (Google). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201202-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium: Multiple vulnerabilities\n Date: February 18, 2012\n Bugs: #402841, #404067\n ID: 201202-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium, some of which\nmay allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open source web browser project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium < 17.0.963.56 >= 17.0.963.56\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers and release notes referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted web\nsite using Chromium, possibly resulting in the execution of arbitrary\ncode with the privileges of the process, a Denial of Service condition,\ninformation leak (clipboard contents), bypass of the Same Origin\nPolicy, or escape from NativeClient's sandbox. \n\nA remote attacker could also entice the user to perform a set of UI\nactions (drag and drop) to trigger an URL bar spoofing vulnerability. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \">=www-client/chromium-17.0.963.56\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3016\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3016\n[ 2 ] CVE-2011-3017\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3017\n[ 3 ] CVE-2011-3018\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3018\n[ 4 ] CVE-2011-3019\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3019\n[ 5 ] CVE-2011-3020\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3020\n[ 6 ] CVE-2011-3021\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3021\n[ 7 ] CVE-2011-3022\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3022\n[ 8 ] CVE-2011-3023\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3023\n[ 9 ] CVE-2011-3024\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3024\n[ 10 ] CVE-2011-3025\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3025\n[ 11 ] CVE-2011-3027\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3027\n[ 12 ] CVE-2011-3953\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3953\n[ 13 ] CVE-2011-3954\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3954\n[ 14 ] CVE-2011-3955\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3955\n[ 15 ] CVE-2011-3956\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3956\n[ 16 ] CVE-2011-3957\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3957\n[ 17 ] CVE-2011-3958\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3958\n[ 18 ] CVE-2011-3959\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3959\n[ 19 ] CVE-2011-3960\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3960\n[ 20 ] CVE-2011-3961\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3961\n[ 21 ] CVE-2011-3962\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3962\n[ 22 ] CVE-2011-3963\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3963\n[ 23 ] CVE-2011-3964\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3964\n[ 24 ] CVE-2011-3965\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3965\n[ 25 ] CVE-2011-3966\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3966\n[ 26 ] CVE-2011-3967\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3967\n[ 27 ] CVE-2011-3968\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3968\n[ 28 ] CVE-2011-3969\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3969\n[ 29 ] CVE-2011-3970\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3970\n[ 30 ] CVE-2011-3971\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3971\n[ 31 ] CVE-2011-3972\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3972\n[ 32 ] Release Notes 17.0.963.46\n\nhttp://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=\nml\n[ 33 ] Release Notes 17.0.963.56\n\nhttp://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=\nl\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201202-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", sources: [ { db: "NVD", id: "CVE-2011-3971", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "BID", id: "51911", }, { db: "VULHUB", id: "VHN-51916", }, { db: "PACKETSTORM", id: "109963", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2011-3971", trust: 2.9, }, { db: "JVNDB", id: "JVNDB-2012-001374", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201202-180", trust: 0.7, }, { db: "BID", id: "51911", trust: 0.3, }, { db: "VULHUB", id: "VHN-51916", trust: 0.1, }, { db: "PACKETSTORM", id: "109963", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-51916", }, { db: "BID", id: "51911", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "PACKETSTORM", id: "109963", }, { db: "CNNVD", id: "CNNVD-201202-180", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, id: "VAR-201202-0017", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-51916", }, ], trust: 0.01, }, last_update_date: "2024-11-23T20:00:23.092000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "HT5400", trust: 0.8, url: "http://support.apple.com/kb/HT5400", }, { title: "HT5503", trust: 0.8, url: "http://support.apple.com/kb/HT5503", }, { title: "HT5400", trust: 0.8, url: "http://support.apple.com/kb/HT5400?viewlocale=ja_JP", }, { title: "HT5503", trust: 0.8, url: "http://support.apple.com/kb/HT5503?viewlocale=ja_JP", }, { title: "stable-channel-update", trust: 0.8, url: "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html", }, { title: "Google Chrome", trust: 0.8, url: "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja", }, { title: "Google Chrome Remediation of resource management error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118080", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "CNNVD", id: "CNNVD-201202-180", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-416", trust: 1.1, }, { problemtype: "CWE-399", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-51916", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html", }, { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html", }, { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html", }, { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html", }, { trust: 1.7, url: "http://code.google.com/p/chromium/issues/detail?id=110374", }, { trust: 1.7, url: "http://support.apple.com/kb/ht5400", }, { trust: 1.7, url: "http://support.apple.com/kb/ht5485", }, { trust: 1.7, url: "http://support.apple.com/kb/ht5503", }, { trust: 1.7, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14960", }, { trust: 0.9, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3971", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3971", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu624491/", }, { trust: 0.8, url: "http://jvn.jp/cert/jvnvu864819/", }, { trust: 0.3, url: "http://www.google.com/chrome", }, { trust: 0.3, url: "http://prod.lists.apple.com/archives/security-announce/2012/sep/msg00001.html", }, { trust: 0.3, url: "https://downloads.avaya.com/css/p8/documents/100167733", }, { trust: 0.3, url: "https://blogs.oracle.com/sunsecurity/entry/cve_2011_3970_denial_of", }, { trust: 0.3, url: "http://www.vmware.com/security/advisories/vmsa-2013-0001.html", }, { trust: 0.3, url: "http://www.xerox.com/download/security/security-bulletin/10be6-4f72fbafb1868/cert_xrx14-002_v1.0.pdf", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3023", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3017", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3965", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3966", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3969", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3019", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3957", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3021", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3020", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3954", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3017", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3965", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3966", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3963", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3960", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3022", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3020", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3027", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3958", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3953", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3955", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3959", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3964", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3016", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3960", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3964", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3955", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3025", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3962", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3025", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3961", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3970", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3018", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3019", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3962", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3967", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3968", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3967", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3953", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3027", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3961", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3968", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3958", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3018", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3959", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3021", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3972", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3024", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3016", }, { trust: 0.1, url: "http://security.gentoo.org/", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3024", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3956", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3022", }, { trust: 0.1, url: "http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.htm=", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3954", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3956", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3957", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3023", }, { trust: 0.1, url: "http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.ht=", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2011-3963", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "http://security.gentoo.org/glsa/glsa-201202-01.xml", }, { trust: 0.1, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3969", }, ], sources: [ { db: "VULHUB", id: "VHN-51916", }, { db: "BID", id: "51911", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "PACKETSTORM", id: "109963", }, { db: "CNNVD", id: "CNNVD-201202-180", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-51916", }, { db: "BID", id: "51911", }, { db: "JVNDB", id: "JVNDB-2012-001374", }, { db: "PACKETSTORM", id: "109963", }, { db: "CNNVD", id: "CNNVD-201202-180", }, { db: "NVD", id: "CVE-2011-3971", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2012-02-09T00:00:00", db: "VULHUB", id: "VHN-51916", }, { date: "2012-02-08T00:00:00", db: "BID", id: "51911", }, { date: "2012-02-13T00:00:00", db: "JVNDB", id: "JVNDB-2012-001374", }, { date: "2012-02-21T02:42:28", db: "PACKETSTORM", id: "109963", }, { date: "2012-02-10T00:00:00", db: "CNNVD", id: "CNNVD-201202-180", }, { date: "2012-02-09T04:10:29.207000", db: "NVD", id: "CVE-2011-3971", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-05-08T00:00:00", db: "VULHUB", id: "VHN-51916", }, { date: "2015-04-13T22:14:00", db: "BID", id: "51911", }, { date: "2013-04-08T00:00:00", db: "JVNDB", id: "JVNDB-2012-001374", }, { date: "2020-05-09T00:00:00", db: "CNNVD", id: "CNNVD-201202-180", }, { date: "2024-11-21T01:31:37.623000", db: "NVD", id: "CVE-2011-3971", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201202-180", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2012-001374", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-201202-180", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.