CVE-2011-3037 — MEDIUM (6.8)

Q: How severe is CVE-2011-3037?

CVE-2011-3037 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-3037?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Opensuse Opensuse, Apple Itunes, Apple Safari, Apple Iphone Os.

Vulnerability Description

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Google	Chrome	< 17.0.963.65
Opensuse	Opensuse	12.1
Apple	Itunes	< 10.7
Apple	Safari	< 6.0
Apple	Iphone Os	< 6.0

Related Weaknesses (CWE)

CWE-704

References

http://code.google.com/p/chromium/issues/detail?id=113439Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=114924Vendor Advisory
http://code.google.com/p/chromium/issues/detail?id=115028Vendor Advisory
http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.htmlRelease NotesVendor Advisory
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.htmlMailing ListThird Party Advisory
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.htmlMailing ListThird Party Advisory
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.htmlMailing ListThird Party Advisory
http://osvdb.org/79796Broken Link
http://secunia.com/advisories/48265Not Applicable
http://secunia.com/advisories/48419Not Applicable
http://secunia.com/advisories/48527Not Applicable
http://security.gentoo.org/glsa/glsa-201203-19.xmlThird Party Advisory
http://support.apple.com/kb/HT5400Third Party Advisory
http://support.apple.com/kb/HT5485Third Party Advisory

FAQ

What is CVE-2011-3037?

CVE-2011-3037 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possib...

How severe is CVE-2011-3037?

CVE-2011-3037 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-3037?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Opensuse Opensuse, Apple Itunes, Apple Safari, Apple Iphone Os.