Vulnerability Details : CVE-2011-3110
The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2011-3110
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1044.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1043.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1040.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1039.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1034.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1035.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1048.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1054.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1045.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1030.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1031.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1028.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1029.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1050.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1051.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1059.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1064.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1065.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1071.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1072.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1083.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1075.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1079.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1080.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1032.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1033.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1046.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1047.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1052.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1053.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1066.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1067.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1073.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1074.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1078.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1042.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1041.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1038.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1037.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1069.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1070.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3110
1.82%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3110
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-3110
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3110
-
http://code.google.com/p/chromium/issues/detail?id=127868
Inloggen - Google Accounts
-
http://www.securitytracker.com/id?1027098
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
-
http://code.google.com/p/chromium/issues/detail?id=126378
Inloggen - Google Accounts
-
http://code.google.com/p/chromium/issues/detail?id=127819
Inloggen - Google Accounts
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14666
Repository / Oval Repository
-
http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
http://code.google.com/p/chromium/issues/detail?id=126343
126343 - OOB write in PDF character code mapping - chromium - Monorail
-
http://code.google.com/p/chromium/issues/detail?id=127349
Inloggen - Google Accounts
-
http://code.google.com/p/chromium/issues/detail?id=126337
126337 - Stack buffer overflow in character range parsing - chromium - Monorail
-
http://www.securityfocus.com/bid/53679
Google Chrome Prior to 19.0.1084.52 Multiple Security Vulnerabilities
Jump to