Vulnerability CVE-2011-1440 - CERT Civis.Net

Vulnerability Name:

CVE-2011-1440 (CCN-67147)

Assigned:

2011-04-27

Published:

2011-04-27

Updated:

2020-05-22

Summary:

Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CONFIRM
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=75186

Source: MITRE
Type: CNA
CVE-2011-1440

Source: CONFIRM
Type: Vendor Advisory
http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html

Source: CCN
Type: Google Chrome Releases Web site
Chrome Stable Update

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-10-11-1

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2011-10-12-4

Source: CCN
Type: SA44375
Google Chrome Multiple Vulnerabilities

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT4981

Source: CONFIRM
Type: Broken Link
http://support.apple.com/kb/HT5000

Source: DEBIAN
Type: Third Party Advisory
DSA-2245

Source: DEBIAN
Type: DSA-2245
chromium-browser -- several vulnerabilities

Source: CCN
Type: OSVDB ID: 72205
Google Chrome <ruby> Tag / CSS Use-after-free Unspecified DoS

Source: CCN
Type: BID-47604
Google Chrome Prior to 11.0.696.57 Multiple Security Vulnerabilities

Source: XF
Type: Third Party Advisory, VDB Entry
chrome-ruby-css-code-exec(67147)

Source: XF
Type: UNKNOWN
chrome-ruby-css-code-exec(67147)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:14083

Vulnerable Configuration:

Configuration 1:

cpe:/a:google:chrome:*:*:*:*:*:*:*:* (Version < 11.0.696.57)

Configuration 2:

cpe:/o:debian:debian_linux:6.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:apple:itunes:*:*:*:*:*:*:*:* (Version < 10.5)

OR cpe:/a:apple:safari:*:*:*:*:*:*:*:* (Version < 5.1.1)

Configuration CCN 1:

cpe:/a:google:chrome:10.0.648.82:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.601.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.602.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.603.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.603.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.603.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.604.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.605.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.606.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.607.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.608.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.609.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.610.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.611.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.611.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.612.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.612.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.612.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.612.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.613.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.614.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.615.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.616.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.617.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.618.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.619.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.620.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.621.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.622.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.622.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.623.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.624.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.625.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.626.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.627.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.628.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.629.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.630.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.631.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.632.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.633.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.634.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.634.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.635.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.636.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.638.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.638.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.639.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.640.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.642.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.642.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.642.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.643.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.644.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.645.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.646.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.647.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.1:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.10:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.101:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.103:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.105:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.107:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.11:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.114:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.116:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.118:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.119:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.12:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.120:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.121:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.122:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.123:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.124:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.125:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.126:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.127:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.128:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.129:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.13:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.130:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.131:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.132:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.133:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.134:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.135:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.151:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.18:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.2:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.201:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.203:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.23:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.26:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.28:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.3:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.32:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.35:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.38:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.4:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.42:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.45:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.49:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.5:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.54:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.56:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.59:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.6:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.62:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.66:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.68:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.7:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.70:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.72:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.76:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.79:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.8:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.84:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.87:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.9:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.90:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.649.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.650.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.651.0:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.204:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:10.0.648.205:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:13001	P	DSA-2245-1 chromium-browser -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:14083	V	Use-after-free vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the ruby element and Cascading Style Sheets (CSS) token sequences.	2014-04-07