CVE-2011-3079
Debian Security Advisory 3260-1
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
La implementación de Inter-process Communication (IPC) en Google Chrome en versiones anteriores a 18.0.1025.168, tal como se utiliza en Mozilla Firefox en versiones anteriores a 38.0 y otros productos, no valida mensajes adecuadamente, lo que tiene un impacto y vectores de ataque no especificados.
Multiple security issues have been found in Iceweasel, Debian's version buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-08-09 CVE Reserved
- 2012-05-01 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://code.google.com/p/chromium/issues/detail?id=117627 | X_refsource_confirm | |
| http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html | X_refsource_confirm | |
| http://osvdb.org/81645 | Vdb Entry | |
| http://secunia.com/advisories/48992 | Third Party Advisory | |
| http://www.mozilla.org/security/announce/2015/mfsa2015-57.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/53309 | Vdb Entry | |
| http://www.securitytracker.com/id?1027001 | Vdb Entry | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1087565 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75271 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964 | Signature | |
| https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 18.0.1025.166 Search vendor "Google" for product "Chrome" and version " <= 18.0.1025.166" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 37.0.2 Search vendor "Mozilla" for product "Firefox" and version " <= 37.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | <= 31.6 Search vendor "Mozilla" for product "Firefox Esr" and version " <= 31.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | <= 2.33.0 Search vendor "Mozilla" for product "Seamonkey" and version " <= 2.33.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 31.6 Search vendor "Mozilla" for product "Thunderbird" and version " <= 31.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 38.0 Search vendor "Mozilla" for product "Thunderbird" and version " <= 38.0" | - |
Affected
| ||||||