CVE-2011-1435

Опубликовано: 03 мая 2011

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.

Ссылки

http://code.google.com/p/chromium/issues/detail?id=72523
Exploit
Issue Tracking
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/67142
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586
Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=72523
Exploit
Issue Tracking
Patch
Vendor Advisory
http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/67142
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Версия до 11.0.696.57 (исключая)

EPSS

Процентиль: 75%

0.00922

Низкий

5 Medium

CVSS2

Дефекты

CWE-276

Связанные уязвимости

CVE-2011-1435

ubuntu

больше 14 лет назад

Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.

CVE-2011-1435

debian

больше 14 лет назад

Google Chrome before 11.0.696.57 does not properly implement the tabs ...

GHSA-hmfw-8qff-cjm9

github

больше 3 лет назад

Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.

EPSS

Процентиль: 75%

0.00922

Низкий

5 Medium

CVSS2

Дефекты

CWE-276