Home > Vulnerability Database > CVE-2011-1290

Mend.io Vulnerability Database

CVE-2011-1290

Date: March 11, 2011

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.

Severity Score

9.8

Related Resources (28)

Url: http://secunia.com/advisories/43748

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-1290

Url: http://www.zerodayinitiative.com/advisories/ZDI-11-104

Url: http://osvdb.org/71182

Url: http://www.securityfocus.com/bid/46849

Url: http://secunia.com/advisories/43782

Url: http://secunia.com/advisories/44154

Url: http://www.vupen.com/english/advisories/2011/0654

Url: http://secunia.com/advisories/44151

Url: http://www.vupen.com/english/advisories/2011/0671

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/66052

Url: http://www.debian.org/security/2011/dsa-2192

Url: http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html

Url: http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html

Url: http://www.securityfocus.com/archive/1/517513/100/0/threaded

Url: http://support.apple.com/kb/HT4607

Url: http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011

Url: http://support.apple.com/kb/HT4596

Url: http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401

Url: http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html

Url: http://www.vupen.com/english/advisories/2011/0645

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2011-1290

Url: http://www.vupen.com/english/advisories/2011/0984

Url: http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html

Url: http://secunia.com/advisories/43735

Url: http://www.blackberry.com/btsc/KB26132

Url: http://www.securitytracker.com/id?1025212

Url: https://www.mend.io/vulnerability-database/CVE-2011-1290

Severity Score

9.8

Weakness Type (CWE)

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2011-1290

Date: March 11, 2011

Severity Score

Related Resources (28)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?