Vulnerability Details : CVE-2011-3107
Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
Vulnerability category: Denial of service
Products affected by CVE-2011-3107
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1044.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1043.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1040.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1039.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1034.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1035.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1048.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1054.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1045.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1030.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1031.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1028.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1029.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1050.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1051.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1059.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1064.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1065.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1071.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1072.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1083.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1075.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1079.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1080.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1032.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1033.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1046.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1047.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1052.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1053.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1066.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1067.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1073.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1074.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1078.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1042.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1041.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1038.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1037.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1069.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1070.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3107
1.87%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3107
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2011-3107
-
http://www.securitytracker.com/id?1027098
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15409
Repository / Oval Repository
-
http://code.google.com/p/chromium/issues/detail?id=124625
124625 - Chrome: Crash Report - Stack Signature: WebCore::npObjectNamedGetter<WebCore::V8HTM... - chromium - Monorail
-
http://www.securityfocus.com/bid/53679
Google Chrome Prior to 19.0.1084.52 Multiple Security Vulnerabilities
-
http://security.gentoo.org/glsa/glsa-201205-04.xml
Chromium, V8: Multiple vulnerabilities (GLSA 201205-04) — Gentoo security
Jump to