Home > Vulnerability Database > CVE-2011-2805

Mend.io Vulnerability Database

CVE-2011-2805

Date: August 2, 2011

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy and conduct script injection attacks via unspecified vectors.

Severity Score

5.6

Related Resources (12)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2011-2805

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/68967

Url: http://code.google.com/p/chromium/issues/detail?id=89520

Url: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html

Url: http://support.apple.com/kb/HT4999

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14583

Url: http://osvdb.org/74257

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-2805

Url: http://support.apple.com/kb/HT5000

Url: http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Url: http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

Url: https://www.mend.io/vulnerability-database/CVE-2011-2805

Severity Score

5.6

Weakness Type (CWE)

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-74

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2011-2805

Date: August 2, 2011

Severity Score

Related Resources (12)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?