7.5

CVE-2011-1123

Exploit
Google Chrome before 9.0.597.107 does not properly restrict access to internal extension functions, which has unspecified impact and remote attack vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 9.0.597.107
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.23% 0.649
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
Vendor Advisory
http://www.securityfocus.com/bid/46614
Third Party Advisory
VDB Entry
http://code.google.com/p/chromium/issues/detail?id=72214
Patch
Vendor Advisory
Exploit
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/65741
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13978
Third Party Advisory