Home > Vulnerability Database > CVE-2011-2785

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2011-2785

Date: August 2, 2011

The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.

Severity Score

3.7

Related Resources (8)

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-2785

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298

Url: http://osvdb.org/74235

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2785

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/68947

Url: http://code.google.com/p/chromium/issues/detail?id=84402

Url: http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Url: https://www.mend.io/vulnerability-database/CVE-2011-2785

Severity Score

3.7

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us