CVE-2011-2805

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.
Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
googlechrome
𝑥
< 13.0.782.107
applesafari
𝑥
< 5.1.1
appleiphone_os
𝑥
< 5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
oneiric
not-affected
natty
Fixed 14.0.835.202~r103287-0ubuntu0.11.04.1
released
maverick
Fixed 14.0.835.202~r103287-0ubuntu0.10.10.1
released
lucid
Fixed 14.0.835.202~r103287-0ubuntu0.10.04.2
released
hardy
dne
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=89520
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/74257
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5000
https://exchange.xforce.ibmcloud.com/vulnerabilities/68967
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583
http://code.google.com/p/chromium/issues/detail?id=89520
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/74257
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5000
https://exchange.xforce.ibmcloud.com/vulnerabilities/68967
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583