CVE-2011-2819

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ChromeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
VendorProductVersion
googlechrome
𝑥
< 13.0.782.107
applesafari
𝑥
< 5.1.1
appleiphone_os
𝑥
< 5.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
oneiric
not-affected
natty
Fixed 14.0.835.202~r103287-0ubuntu0.11.04.1
released
maverick
Fixed 14.0.835.202~r103287-0ubuntu0.10.10.1
released
lucid
Fixed 14.0.835.202~r103287-0ubuntu0.10.04.2
released
hardy
dne
References
http://code.google.com/p/chromium/issues/detail?id=90222
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/74258
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5000
https://exchange.xforce.ibmcloud.com/vulnerabilities/68969
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13716
http://code.google.com/p/chromium/issues/detail?id=90222
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/74258
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5000
https://exchange.xforce.ibmcloud.com/vulnerabilities/68969
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13716