CVE-2011-3058

MEDIUM

Description

Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

References

http://code.google.com/p/chromium/issues/detail?id=109574

http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html

http://lists.apple.com/archives/security-announce/2013/Jan/msg00000.html

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

http://secunia.com/advisories/48618

http://secunia.com/advisories/48691

http://secunia.com/advisories/48763

http://support.apple.com/kb/HT5642

http://www.securityfocus.com/bid/52762

http://www.securitytracker.com/id?1026877

https://exchange.xforce.ibmcloud.com/vulnerabilities/74408

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15492

Details

Source: MITRE

Published: 2012-03-30

Updated: 2020-04-14

Type: CWE-79

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
74592openSUSE Security Update : chromium (openSUSE-SU-2012:0492-1)NessusSuSE Local Security Checks
high
801018Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001)Log Correlation EngineOperating System Detection
high
6717Mac OS X 10.8 < 10.8.3 Multiple Vulnerabilities (Security Update 2013-001)Nessus Network MonitorWeb Clients
high
65578Mac OS X Multiple Vulnerabilities (Security Update 2013-001)NessusMacOS X Local Security Checks
high
65577Mac OS X 10.8.x < 10.8.3 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
6679Apple iOS < 6.1 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
high
64287Apple iOS < 6.1 Multiple VulnerabilitiesNessusMobile Devices
high
59616GLSA-201203-24 : Chromium, V8: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
800957Google Chrome < 18.0.1025.142 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
6402Google Chrome < 18.0.1025.142 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
58536Google Chrome < 18.0.1025.142 Multiple VulnerabilitiesNessusWindows
high
58521FreeBSD : chromium -- multiple vulnerabilities (b8f0a391-7910-11e1-8a43-00262d5ed8ee)NessusFreeBSD Local Security Checks
critical