CVE-2011-3065 : Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to

Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published 2012-03-30 22:55:02

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2011-3065

Google » Chrome
Versions before (<) 18.0.1025.142
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2011-3065

EPSS FAQ

1.79%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 81 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2011-3065

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2011-3065

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-3065

http://osvdb.org/80743

Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15415

Repository / Oval Repository
Third Party Advisory
http://secunia.com/advisories/48618

Sign in
Third Party Advisory

CVEs referencing this url
http://secunia.com/advisories/48763

Sign in
Third Party Advisory

CVEs referencing this url
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html

Chrome Releases: Stable Channel Release and Beta Channel Update
Release Notes;Vendor Advisory

CVEs referencing this url
http://code.google.com/p/chromium/issues/detail?id=117588

117588 - Security: Memory Corruption in MaskSuperBlitter - chromium - Monorail
Exploit;Vendor Advisory
http://www.securitytracker.com/id?1026877

Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://secunia.com/advisories/48691

Sign in
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/52762

Google Chrome Prior to 18.0.1025.142 Multiple Security Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/74415

Google Chrome Skia code execution CVE-2011-3065 Vulnerability Report
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2011-3065

Products affected by CVE-2011-3065

Exploit prediction scoring system (EPSS) score for CVE-2011-3065

CVSS scores for CVE-2011-3065

CWE ids for CVE-2011-3065

References for CVE-2011-3065