Vulnerability Name: | CVE-2011-1114 (CCN-65732) |
Assigned: | 2011-02-28 |
Published: | 2011-02-28 |
Updated: | 2020-06-04 |
Summary: | Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
|
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)Exploitability Metrics: | Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None | Scope: | Scope (S): Unchanged
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Low |
|
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P) 5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None | Impact Metrics: | Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial | 4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P) 3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)Exploitability Metrics: | Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
| Impact Metrics: | Confidentiality (C): None Integrity (I): None Availibility (A): Partial |
|
Vulnerability Type: | CWE-noinfo
|
Vulnerability Consequences: | Denial of Service |
References: | Source: CONFIRM Type: Exploit, Issue Tracking, Patch, Vendor Advisory http://code.google.com/p/chromium/issues/detail?id=71114
Source: MITRE Type: CNA CVE-2011-1114
Source: CCN Type: Google Chrome Releases Web site Stable Channel Update
Source: CONFIRM Type: Vendor Advisory http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html
Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2011-07-20-1
Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2011-10-11-1
Source: APPLE Type: Mailing List, Third Party Advisory APPLE-SA-2011-10-12-1
Source: CCN Type: SA43519 Google Chrome Multiple Vulnerabilities
Source: CCN Type: SA45325 Apple Safari Multiple Vulnerabilities
Source: CCN Type: Apple KB HT4808 About the security content of Safari 5.1 and Safari 5.0.6
Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT4808
Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT4981
Source: CONFIRM Type: Third Party Advisory http://support.apple.com/kb/HT4999
Source: DEBIAN Type: DSA-2189 chromium-browser -- several vulnerabilities
Source: CCN Type: OSVDB ID: 72279 Google Chrome Table Handling Unspecified DoS
Source: BID Type: Third Party Advisory, VDB Entry 46614
Source: CCN Type: BID-46614 Google Chrome prior to 9.0.597.107 Multiple Security Vulnerabilities
Source: XF Type: Third Party Advisory, VDB Entry google-chrome-table-dos(65732)
Source: XF Type: UNKNOWN google-chrome-table-dos(65732)
Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:14404
|
Vulnerable Configuration: | Configuration 1: cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 9.0.597.107) Configuration 2: cpe:/a:apple:itunes:*:*:*:*:*:*:*:* (Version < 10.5)OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version < 5.0.6)OR cpe:/o:apple:iphone_os:*:*:*:*:*:*:*:* (Version < 5.0) Configuration CCN 1: cpe:/a:google:chrome:9.0.597.84:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.563.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.562.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.565.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.564.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.586.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.587.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.584.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.585.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.582.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.583.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.580.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.581.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.593.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.594.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.591.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.592.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.589.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.590.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.587.1:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.588.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.572.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.571.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.570.1:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.570.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.569.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.568.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.567.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.566.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.579.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.578.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.577.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.576.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.575.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.574.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.573.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.572.1:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.26:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.27:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.28:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.29:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.22:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.23:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.24:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.25:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.34:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.35:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.36:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.37:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.30:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.31:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.32:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.33:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.11:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.10:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.14:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.12:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.596.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.595.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.1:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.0:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.2:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.19:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.21:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.20:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.16:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.15:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.18:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.17:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.62:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.63:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.59:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.60:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.66:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.67:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.64:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.65:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.7:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.70:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.68:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.69:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.73:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.74:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.71:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.72:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.40:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.4:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.39:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.38:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.45:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.44:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.42:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.41:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.54:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.5:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.47:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.46:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.58:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.57:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.56:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.55:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.75:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.76:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.77:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.78:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.79:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.8:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.80:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.81:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.82:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.85:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.86:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.92:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.90:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.9:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.88:*:*:*:*:*:*:*OR cpe:/a:google:chrome:9.0.597.83:*:*:*:*:*:*:*OR cpe:/a:apple:safari:5.0.6:*:*:*:*:*:*:*OR cpe:/a:apple:safari:5.1:*:*:*:*:*:*:* Denotes that component is vulnerable |
Oval Definitions |
Definition ID | Class | Title | Last Modified |
---|
oval:org.mitre.oval:def:12793 | P | DSA-2189-1 chromium-browser -- several | 2014-06-23 | oval:org.mitre.oval:def:14404 | V | Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." | 2014-04-07 |
|
BACK |