5

CVE-2011-3022

translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive information by sniffing the network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 17.0.963.56
GoogleChrome Version >= 19.0 < 19.0.1036.7
GoogleChrome Version19.0.1028.0
GoogleChrome Version19.0.1029.0
GoogleChrome Version19.0.1030.0
GoogleChrome Version19.0.1031.0
GoogleChrome Version19.0.1032.0
GoogleChrome Version19.0.1033.0
GoogleChrome Version19.0.1034.0
GoogleChrome Version19.0.1035.0
GoogleChrome Version19.0.1036.0
GoogleChrome Version19.0.1036.2
GoogleChrome Version19.0.1036.3
GoogleChrome Version19.0.1036.4
GoogleChrome Version19.0.1036.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.77% 0.507
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html
Vendor Advisory
Release Notes
http://secunia.com/advisories/48016
Not Applicable
http://code.google.com/p/chromium/issues/detail?id=112236
Broken Link
http://googlechromereleases.blogspot.com/2012/02/dev-channel-update_10.html
Vendor Advisory
Release Notes
http://src.chromium.org/viewvc/chrome?view=rev&revision=120113
Patch
Vendor Advisory
Issue Tracking
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15025
Third Party Advisory