Vulnerability Name: CVE-2011-1295 (CCN-66302) Assigned: 2011-03-24 Published: 2011-03-24 Updated: 2020-05-29 Summary: WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P )5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P )5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-20 Vulnerability Consequences: Gain Access References: Source: CONFIRM Type: Permissions Requiredhttp://code.google.com/p/chromium/issues/detail?id=74991 Source: MITRE Type: CNACVE-2011-1295 Source: CCN Type: Google Chrome Releases Web siteStable Channel Update Source: CONFIRM Type: Vendor Advisoryhttp://googlechromereleases.blogspot.com/2011/03/stable-channel-update.html Source: APPLE Type: Mailing List, Third Party AdvisoryAPPLE-SA-2011-07-20-1 Source: APPLE Type: Mailing List, Third Party AdvisoryAPPLE-SA-2011-10-12-1 Source: CCN Type: SA43859Google Chrome Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory43859 Source: CCN Type: SA45325Apple Safari Multiple Vulnerabilities Source: CCN Type: Apple KB HT4808About the security content of Safari 5.1 and Safari 5.0.6 Source: CONFIRM Type: Third Party Advisoryhttp://support.apple.com/kb/HT4808 Source: CONFIRM Type: Third Party Advisoryhttp://support.apple.com/kb/HT4999 Source: CCN Type: OSVDB ID: 72263Google Chrome Broken Node Parentage DOM Tree Corruption Source: BID Type: Third Party Advisory, VDB Entry47029 Source: CCN Type: BID-47029Google Chrome Prior to 10.0.648.204 Multiple Security Vulnerabilities Source: VUPEN Type: Permissions RequiredADV-2011-0765 Source: XF Type: Third Party Advisory, VDB Entrygoogle-chrome-node-code-exec(66302) Source: XF Type: UNKNOWNgoogle-chrome-node-code-exec(66302) Source: OVAL Type: Third Party Advisoryoval:org.mitre.oval:def:14269 Vulnerable Configuration: Configuration 1 :cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 10.0.648.204)Configuration 2 :cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version < 5.0.6)OR cpe:/o:apple:iphone_os:*:*:*:*:*:*:*:* (Version < 5.0) Configuration CCN 1 :cpe:/a:google:chrome:10.0.648.82:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.601.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.602.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.603.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.603.2:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.603.3:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.604.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.605.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.606.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.607.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.608.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.609.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.610.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.611.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.611.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.612.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.612.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.612.2:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.612.3:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.613.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.614.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.615.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.616.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.617.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.618.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.619.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.620.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.621.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.622.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.622.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.623.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.624.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.625.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.626.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.627.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.628.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.629.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.630.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.631.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.632.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.633.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.634.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.634.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.635.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.636.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.638.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.638.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.639.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.640.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.642.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.642.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.642.2:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.643.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.644.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.645.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.646.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.647.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.10:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.101:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.103:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.105:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.107:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.11:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.114:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.116:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.118:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.119:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.12:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.120:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.121:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.122:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.123:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.124:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.125:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.126:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.127:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.128:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.129:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.13:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.130:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.131:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.132:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.133:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.134:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.135:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.151:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.18:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.2:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.201:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.203:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.23:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.26:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.28:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.3:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.32:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.35:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.38:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.4:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.42:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.45:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.49:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.5:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.54:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.56:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.59:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.6:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.62:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.66:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.68:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.7:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.70:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.72:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.76:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.79:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.8:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.84:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.87:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.9:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.648.90:*:*:*:*:*:*:* OR cpe:/a:apple:safari:5.0.6:*:*:*:*:*:*:* OR cpe:/a:apple:safari:5.1:*:*:*:*:*:*:* AND cpe:/a:google:chrome:11.0.696.13:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.649.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.650.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:10.0.651.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.652.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.653.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.654.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.655.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.656.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.657.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.658.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.658.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.659.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.660.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.661.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.662.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.663.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.664.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.665.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.666.0:*:*:*:*:*:*:* OR cpe:/a:google:chrome:11.0.667.0:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:14269 V WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors. 2014-04-07
BACK
google chrome *
apple safari *
apple iphone os *
google chrome 10.0.648.82
google chrome 10.0.601.0
google chrome 10.0.602.0
google chrome 10.0.603.0
google chrome 10.0.603.2
google chrome 10.0.603.3
google chrome 10.0.604.0
google chrome 10.0.605.0
google chrome 10.0.606.0
google chrome 10.0.607.0
google chrome 10.0.608.0
google chrome 10.0.609.0
google chrome 10.0.610.0
google chrome 10.0.611.0
google chrome 10.0.611.1
google chrome 10.0.612.0
google chrome 10.0.612.1
google chrome 10.0.612.2
google chrome 10.0.612.3
google chrome 10.0.613.0
google chrome 10.0.614.0
google chrome 10.0.615.0
google chrome 10.0.616.0
google chrome 10.0.617.0
google chrome 10.0.618.0
google chrome 10.0.619.0
google chrome 10.0.620.0
google chrome 10.0.621.0
google chrome 10.0.622.0
google chrome 10.0.622.1
google chrome 10.0.623.0
google chrome 10.0.624.0
google chrome 10.0.625.0
google chrome 10.0.626.0
google chrome 10.0.627.0
google chrome 10.0.628.0
google chrome 10.0.629.0
google chrome 10.0.630.0
google chrome 10.0.631.0
google chrome 10.0.632.0
google chrome 10.0.633.0
google chrome 10.0.634.0
google chrome 10.0.634.1
google chrome 10.0.635.0
google chrome 10.0.636.0
google chrome 10.0.638.0
google chrome 10.0.638.1
google chrome 10.0.639.0
google chrome 10.0.640.0
google chrome 10.0.642.0
google chrome 10.0.642.1
google chrome 10.0.642.2
google chrome 10.0.643.0
google chrome 10.0.644.0
google chrome 10.0.645.0
google chrome 10.0.646.0
google chrome 10.0.647.0
google chrome 10.0.648.0
google chrome 10.0.648.1
google chrome 10.0.648.10
google chrome 10.0.648.101
google chrome 10.0.648.103
google chrome 10.0.648.105
google chrome 10.0.648.107
google chrome 10.0.648.11
google chrome 10.0.648.114
google chrome 10.0.648.116
google chrome 10.0.648.118
google chrome 10.0.648.119
google chrome 10.0.648.12
google chrome 10.0.648.120
google chrome 10.0.648.121
google chrome 10.0.648.122
google chrome 10.0.648.123
google chrome 10.0.648.124
google chrome 10.0.648.125
google chrome 10.0.648.126
google chrome 10.0.648.127
google chrome 10.0.648.128
google chrome 10.0.648.129
google chrome 10.0.648.13
google chrome 10.0.648.130
google chrome 10.0.648.131
google chrome 10.0.648.132
google chrome 10.0.648.133
google chrome 10.0.648.134
google chrome 10.0.648.135
google chrome 10.0.648.151
google chrome 10.0.648.18
google chrome 10.0.648.2
google chrome 10.0.648.201
google chrome 10.0.648.203
google chrome 10.0.648.23
google chrome 10.0.648.26
google chrome 10.0.648.28
google chrome 10.0.648.3
google chrome 10.0.648.32
google chrome 10.0.648.35
google chrome 10.0.648.38
google chrome 10.0.648.4
google chrome 10.0.648.42
google chrome 10.0.648.45
google chrome 10.0.648.49
google chrome 10.0.648.5
google chrome 10.0.648.54
google chrome 10.0.648.56
google chrome 10.0.648.59
google chrome 10.0.648.6
google chrome 10.0.648.62
google chrome 10.0.648.66
google chrome 10.0.648.68
google chrome 10.0.648.7
google chrome 10.0.648.70
google chrome 10.0.648.72
google chrome 10.0.648.76
google chrome 10.0.648.79
google chrome 10.0.648.8
google chrome 10.0.648.84
google chrome 10.0.648.87
google chrome 10.0.648.9
google chrome 10.0.648.90
apple safari 5.0.6
apple safari 5.1
google chrome 11.0.696.13
google chrome 10.0.649.0
google chrome 10.0.650.0
google chrome 10.0.651.0
google chrome 11.0.652.0
google chrome 11.0.653.0
google chrome 11.0.654.0
google chrome 11.0.655.0
google chrome 11.0.656.0
google chrome 11.0.657.0
google chrome 11.0.658.0
google chrome 11.0.658.1
google chrome 11.0.659.0
google chrome 11.0.660.0
google chrome 11.0.661.0
google chrome 11.0.662.0
google chrome 11.0.663.0
google chrome 11.0.664.1
google chrome 11.0.665.0
google chrome 11.0.666.0
google chrome 11.0.667.0