Vulnerability Details : CVE-2011-3115
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."
Vulnerability category: OverflowDenial of service
Products affected by CVE-2011-3115
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.45:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1044.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1043.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1040.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1039.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1034.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1035.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1048.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1054.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1062.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1045.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1030.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1031.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1028.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1029.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1050.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1051.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1059.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1064.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1065.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1071.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1072.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1083.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.14:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.15:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.21:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.22:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.30:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.38:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.39:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.46:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.47:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.9:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1068.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1075.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1079.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1080.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.10:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.11:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.18:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.19:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.26:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.27:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.33:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.35:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.41:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.42:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.50:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.6:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1032.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1033.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1046.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1047.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1052.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1053.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1056.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1057.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1060.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1061.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1066.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1067.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1073.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1074.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1078.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.16:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.17:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.23:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.24:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.25:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.31:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.32:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.4:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.40:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.48:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.5:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1042.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1041.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1038.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1037.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1036.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1049.3:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1055.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1058.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1063.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1069.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1070.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1076.1:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1077.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1081.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1082.0:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.12:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.13:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.2:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.20:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.28:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.29:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.36:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.37:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.43:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.44:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.7:*:*:*:*:*:*:*
- cpe:2.3:a:google:chrome:19.0.1084.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3115
1.87%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3115
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2011-3115
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3115
-
http://www.securitytracker.com/id?1027098
Google Chrome Multiple Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15433
Repository / Oval Repository
-
http://code.google.com/p/chromium/issues/detail?id=128018
128018 - [LangFuzz] Crash in v8::internal::ShortCircuitConsString with invalid read - chromium - Monorail
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/75853
Google Chrome type corruption code execution CVE-2011-3115 Vulnerability Report
-
http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html
Chrome Releases: Stable Channel UpdateVendor Advisory
-
http://www.securityfocus.com/bid/53679
Google Chrome Prior to 19.0.1084.52 Multiple Security Vulnerabilities
-
http://security.gentoo.org/glsa/glsa-201205-04.xml
Chromium, V8: Multiple vulnerabilities (GLSA 201205-04) — Gentoo security
Jump to