Vulnerability Details : CVE-2011-0981
Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-0981
Probability of exploitation activity in the next 30 days: 0.68%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 79 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-0981
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-0981
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-0981
-
http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://support.apple.com/kb/HT4981
About the security content of iTunes 10.5 - Apple SupportThird Party Advisory
-
http://www.srware.net/forum/viewtopic.php?f=18&t=2190
New Iron-Version: 9.0.600.2 Stable for Windows - SRWare.netPatch;Third Party Advisory
-
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://code.google.com/p/chromium/issues/detail?id=67234
67234 - Webkit crashes during animation event processing - chromium - MonorailExploit;Issue Tracking;Vendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14320
Repository / Oval RepositoryThird Party Advisory
-
http://www.debian.org/security/2011/dsa-2166
Debian -- Security Information -- DSA-2166-1 chromium-browserThird Party Advisory
-
http://support.apple.com/kb/HT4808
About the security content of Safari 5.1 and Safari 5.0.6 - Apple SupportThird Party Advisory
-
http://www.securityfocus.com/bid/46262
Google Chrome prior to 9.0.597.94 Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://support.apple.com/kb/HT4999
About the security content of iOS 5 Software Update - Apple SupportThird Party Advisory
-
http://www.vupen.com/english/advisories/2011/0408
Webmail | OVH- OVHPermissions Required
Products affected by CVE-2011-0981
- cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*