4.3

CVE-2011-3054

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleChrome Version < 17.0.963.83
OpensuseOpensuse Version12.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.82% 0.759
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

http://secunia.com/advisories/48527
Not Applicable
http://security.gentoo.org/glsa/glsa-201203-19.xml
Third Party Advisory
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
Vendor Advisory
Release Notes
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/48512
Not Applicable
http://www.securityfocus.com/bid/52674
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1026841
Third Party Advisory
VDB Entry
http://code.google.com/p/chromium/issues/detail?id=117418
Vendor Advisory
http://osvdb.org/80292
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/74214
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15028
Third Party Advisory