PT-2011-3029 · Google+1 · Google Chrome+2

Sergey Glazunov

Publicado

2011-03-24

Atualizado

2020-05-29

CVE-2011-1295

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions WebKit versions prior to 5.0.6 Google Chrome versions prior to 10.0.648.204

Description The issue is related to improper handling of node parentage, which can be exploited by remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact. This can also be used to conduct cross-site scripting (XSS) attacks via unknown vectors.

Recommendations For WebKit versions prior to 5.0.6, update to version 5.0.6 or later to resolve the issue. For Google Chrome versions prior to 10.0.648.204, update to version 10.0.648.204 or later to resolve the issue.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2011-1295

Produtos afetados

Google Chrome

Safari

Webkit

PT-2011-3029 · Google+1 · Google Chrome+2

CVE-2011-1295

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14