CVE-2011-3079
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
La implementación de Inter-process Communication (IPC) en Google Chrome en versiones anteriores a 18.0.1025.168, tal como se utiliza en Mozilla Firefox en versiones anteriores a 38.0 y otros productos, no valida mensajes adecuadamente, lo que tiene un impacto y vectores de ataque no especificados.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-08-09 CVE Reserved
- 2012-05-01 CVE Published
- 2023-11-30 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (16)
| URL | Tag | Source |
|---|---|---|
| http://code.google.com/p/chromium/issues/detail?id=117627 | X_refsource_confirm | |
| http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html | X_refsource_confirm | |
| http://osvdb.org/81645 | Vdb Entry | |
| http://secunia.com/advisories/48992 | Third Party Advisory | |
| http://www.mozilla.org/security/announce/2015/mfsa2015-57.html | X_refsource_confirm | |
| http://www.securityfocus.com/bid/53309 | Vdb Entry | |
| http://www.securitytracker.com/id?1027001 | Vdb Entry | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1087565 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75271 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964 | Signature | |
| https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | <= 18.0.1025.166 Search vendor "Google" for product "Chrome" and version " <= 18.0.1025.166" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 37.0.2 Search vendor "Mozilla" for product "Firefox" and version " <= 37.0.2" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Esr Search vendor "Mozilla" for product "Firefox Esr" | <= 31.6 Search vendor "Mozilla" for product "Firefox Esr" and version " <= 31.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Seamonkey Search vendor "Mozilla" for product "Seamonkey" | <= 2.33.0 Search vendor "Mozilla" for product "Seamonkey" and version " <= 2.33.0" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 31.6 Search vendor "Mozilla" for product "Thunderbird" and version " <= 31.6" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Thunderbird Search vendor "Mozilla" for product "Thunderbird" | <= 38.0 Search vendor "Mozilla" for product "Thunderbird" and version " <= 38.0" | - |
Affected
| ||||||