Vulnerability Details : CVE-2011-1302
Heap-based buffer overflow in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors.
Vulnerability category: OverflowMemory CorruptionExecute code
Products affected by CVE-2011-1302
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1302
7.82%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1302
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2011-1302
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1302
-
http://www.vupen.com/english/advisories/2011/1006
Webmail | OVH- OVHPermissions Required
-
http://code.google.com/p/chromium/issues/detail?id=78524
78524 - ANGLE buffer overflow - chromium - MonorailIssue Tracking;Vendor Advisory
-
http://www.securitytracker.com/id?1025377
Google Chrome Heap Overflow and Memory Errors Let Remote Users Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66768
Google Chrome GPU process buffer overflow CVE-2011-1302 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/47377
Google Chrome Prior to 10.0.648.205 Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
-
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14737
Repository / Oval RepositoryThird Party Advisory
Jump to