Home > Vulnerability Database > CVE-2011-1187

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2011-1187

Date: March 10, 2011

Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."

Severity Score

6.1

Related Resources (14)

Url: http://www.securityfocus.com/bid/46785

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/65951

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369

Url: http://secunia.com/advisories/49055

Url: http://www.mozilla.org/security/announce/2012/mfsa2012-32.html

Url: http://code.google.com/p/chromium/issues/detail?id=69187

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=624621

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-1187

Url: http://www.vupen.com/english/advisories/2011/0628

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1187

Url: http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html

Url: http://secunia.com/advisories/49047

Url: http://secunia.com/advisories/48972

Url: https://www.mend.io/vulnerability-database/CVE-2011-1187

Severity Score

6.1

Weakness Type (CWE)

Exposure of Sensitive Information to an Unauthorized Actor

CWE-200

CVSS v3.1

Base Score:	6.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us