Home > Vulnerability Database > CVE-2011-0485

Mend Vulnerability Database

New vulnerability? Tell us about it!

CVE-2011-0485

Good to know:

Date: January 14, 2011

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."

Severity Score

9.8

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-0485

Url: http://code.google.com/p/chromium/issues/detail?id=68666

Url: http://www.securityfocus.com/bid/45788

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/64676

Url: http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html

Severity Score

9.8

Weakness Type (CWE)

Input Validation

CWE-20

Top Fix

Upgrade Version

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Do you need more information?

Contact Us