CVE-2011-3054 — MEDIUM (4.3)

Q: How severe is CVE-2011-3054?

CVE-2011-3054 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-3054?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Opensuse Opensuse.

Vulnerability Description

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Google	Chrome	< 17.0.963.83
Opensuse	Opensuse	12.1

Related Weaknesses (CWE)

CWE-269

References

http://code.google.com/p/chromium/issues/detail?id=117418Vendor Advisory
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.htmlRelease NotesVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.htmlMailing ListThird Party Advisory
http://osvdb.org/80292Broken Link
http://secunia.com/advisories/48512Not Applicable
http://secunia.com/advisories/48527Not Applicable
http://security.gentoo.org/glsa/glsa-201203-19.xmlThird Party Advisory
http://www.securityfocus.com/bid/52674Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id?1026841Third Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/74214Third Party AdvisoryVDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
http://code.google.com/p/chromium/issues/detail?id=117418Vendor Advisory
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.htmlRelease NotesVendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.htmlMailing ListThird Party Advisory
http://osvdb.org/80292Broken Link

FAQ

What is CVE-2011-3054?

CVE-2011-3054 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors...

How severe is CVE-2011-3054?

CVE-2011-3054 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-3054?

Check the references section above for vendor advisories and patch information. Affected products include: Google Chrome, Opensuse Opensuse.