CVE-2011-3079

The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
opensuseopensuse
13.1
opensuseopensuse
13.2
googlechrome
𝑥
≤ 18.0.1025.166
mozillafirefox
𝑥
≤ 37.0.2
mozillafirefox_esr
𝑥
≤ 31.6
mozillaseamonkey
𝑥
≤ 2.33.0
mozillathunderbird
𝑥
≤ 31.6
mozillathunderbird
𝑥
≤ 38.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
chromium-browser
quantal
Fixed 3.0.1271.97-0ubuntu0.12.10.1
released
precise
Fixed 3.0.1271.97-0ubuntu0.12.04.1
released
oneiric
Fixed 3.0.1271.97-0ubuntu0.11.10.1
released
natty
ignored
lucid
Fixed 3.0.1271.97-0ubuntu0.10.04.1
released
hardy
dne
firefox
vivid
not-affected
utopic
not-affected
trusty
dne
precise
not-affected
thunderbird
vivid
not-affected
utopic
not-affected
trusty
dne
precise
not-affected
Common Weakness Enumeration
References
http://code.google.com/p/chromium/issues/detail?id=117627
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
http://osvdb.org/81645
http://rhn.redhat.com/errata/RHSA-2015-1012.html
http://secunia.com/advisories/48992
http://www.debian.org/security/2015/dsa-3260
http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
http://www.securityfocus.com/bid/53309
http://www.securitytracker.com/id?1027001
https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
http://code.google.com/p/chromium/issues/detail?id=117627
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
http://osvdb.org/81645
http://rhn.redhat.com/errata/RHSA-2015-1012.html
http://secunia.com/advisories/48992
http://www.debian.org/security/2015/dsa-3260
http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
http://www.securityfocus.com/bid/53309
http://www.securitytracker.com/id?1027001
https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7