CVE-2011-3881

EPSS 0.5%
Published 25.10.2011 19:55:01
Last modified 11.04.2025 00:51:21
Source chrome-cve-admin@google.com
Teams watchlist Login
Open Login

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function.

Affected products Warnungen 0 Metrics 2 CWE 1 References 18

Data is provided by the National Vulnerability Database (NVD)

Google ≫ Chrome Version < 15.0.874.102

Google ≫ Android Version < 4.4

Apple ≫ Safari Version < 5.1.4

Apple ≫ iPhone OS Version < 5.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.5%	0.632

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html

http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html

http://secunia.com/advisories/48288

http://secunia.com/advisories/48377

http://www.securitytracker.com/id?1026774

http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html

http://code.google.com/p/chromium/issues/detail?id=96047

http://code.google.com/p/chromium/issues/detail?id=96885

http://code.google.com/p/chromium/issues/detail?id=98053

http://code.google.com/p/chromium/issues/detail?id=99512

http://code.google.com/p/chromium/issues/detail?id=99750

http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html