CVE-2011-3079

EUVD-2011-3047
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
opensuseopensuse
13.1
opensuseopensuse
13.2
googlechrome
𝑥
≤ 18.0.1025.166
mozillafirefox
𝑥
≤ 31.6
mozillafirefox
𝑥
≤ 37.0.2
mozillaseamonkey
𝑥
≤ 2.33.0
mozillathunderbird
𝑥
≤ 31.6
mozillathunderbird
𝑥
≤ 38.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
hardy
dne
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
natty
ignored
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
firefox
precise
not-affected
trusty
dne
utopic
not-affected
vivid
not-affected
thunderbird
precise
not-affected
trusty
dne
utopic
not-affected
vivid
not-affected
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=117627
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
http://osvdb.org/81645
http://rhn.redhat.com/errata/RHSA-2015-1012.html
http://secunia.com/advisories/48992
http://www.debian.org/security/2015/dsa-3260
http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
http://www.securityfocus.com/bid/53309
http://www.securitytracker.com/id?1027001
https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
http://code.google.com/p/chromium/issues/detail?id=117627
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
http://osvdb.org/81645
http://rhn.redhat.com/errata/RHSA-2015-1012.html
http://secunia.com/advisories/48992
http://www.debian.org/security/2015/dsa-3260
http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
http://www.securityfocus.com/bid/53309
http://www.securitytracker.com/id?1027001
https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7