CVE-2011-3062

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 31-03-2012 12:55

Last modified: - 24-09-2022 03:03

Total changes: - 2

Description

Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:P/I:P/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

6.8

Base score

8.6

6.4

Exploitability score

Impact score

Verification logic

Reference

http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://code.google.com/p/chromium/issues/detail?id=116524
http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
https://bugzilla.mozilla.org/show_bug.cgi?id=739925
80740-Broken Link
48618-Not Applicable
1026877-Third Party Advisory, VDB Entry
48691-Not Applicable
49047-Not Applicable
49055-Not Applicable
48972-Not Applicable
48763-Not Applicable
chrome-sanitizer-code-exec(74412)-Third Party Advisory, VDB Entry
oval:org.mitre.oval:def:15488-Third Party Advisory
MDVSA-2012:081-Not Applicable
MDVSA-2012:066-Not Applicable

Keywords

CVE-2011-3062

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2011-3062

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures