cvelistv5 - CVE-2011-1290

CVE-2011-1290 (GCVE-0-2011-1290)

Vulnerability from cvelistv5 – Published: 2011-03-11 21:00 – Updated: 2024-08-06 22:21

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0654	vdb-entryx_refsource_VUPEN
	http://googlechromereleases.blogspot.com/2011/03/…	x_refsource_CONFIRM
	http://secunia.com/advisories/44151	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/46849	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id?1025212	vdb-entryx_refsource_SECTRACK
	http://support.apple.com/kb/HT4596	x_refsource_CONFIRM
	http://osvdb.org/71182	vdb-entryx_refsource_OSVDB
	http://www.debian.org/security/2011/dsa-2192	vendor-advisoryx_refsource_DEBIAN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.zerodayinitiative.com/advisories/ZDI-11-104	x_refsource_MISC
	http://www.blackberry.com/btsc/KB26132	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0984	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0645	vdb-entryx_refsource_VUPEN
	http://dvlabs.tippingpoint.com/blog/2011/02/02/pw…	x_refsource_MISC
	http://secunia.com/advisories/43782	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT4607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0671	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.zdnet.com/blog/security/pwn2own-2011-b…	x_refsource_MISC
	http://secunia.com/advisories/43748	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/517513/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/44154	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/43735	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:34.187Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0654",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
          },
          {
            "name": "44151",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44151"
          },
          {
            "name": "46849",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46849"
          },
          {
            "name": "1025212",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025212"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4596"
          },
          {
            "name": "71182",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/71182"
          },
          {
            "name": "DSA-2192",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2192"
          },
          {
            "name": "APPLE-SA-2011-04-14-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
          },
          {
            "name": "APPLE-SA-2011-04-14-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.blackberry.com/btsc/KB26132"
          },
          {
            "name": "ADV-2011-0984",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0984"
          },
          {
            "name": "ADV-2011-0645",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0645"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
          },
          {
            "name": "43782",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43782"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4607"
          },
          {
            "name": "ADV-2011-0671",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0671"
          },
          {
            "name": "APPLE-SA-2011-04-14-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
          },
          {
            "name": "43748",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43748"
          },
          {
            "name": "20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
          },
          {
            "name": "44154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44154"
          },
          {
            "name": "google-webkit-style-code-execution(66052)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
          },
          {
            "name": "43735",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43735"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2011-0654",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
        },
        {
          "name": "44151",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44151"
        },
        {
          "name": "46849",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46849"
        },
        {
          "name": "1025212",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025212"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4596"
        },
        {
          "name": "71182",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/71182"
        },
        {
          "name": "DSA-2192",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2192"
        },
        {
          "name": "APPLE-SA-2011-04-14-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
        },
        {
          "name": "APPLE-SA-2011-04-14-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.blackberry.com/btsc/KB26132"
        },
        {
          "name": "ADV-2011-0984",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0984"
        },
        {
          "name": "ADV-2011-0645",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0645"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
        },
        {
          "name": "43782",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43782"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4607"
        },
        {
          "name": "ADV-2011-0671",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0671"
        },
        {
          "name": "APPLE-SA-2011-04-14-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
        },
        {
          "name": "43748",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43748"
        },
        {
          "name": "20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
        },
        {
          "name": "44154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44154"
        },
        {
          "name": "google-webkit-style-code-execution(66052)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
        },
        {
          "name": "43735",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43735"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1290",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0654",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0654"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
            },
            {
              "name": "44151",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44151"
            },
            {
              "name": "46849",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46849"
            },
            {
              "name": "1025212",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025212"
            },
            {
              "name": "http://support.apple.com/kb/HT4596",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4596"
            },
            {
              "name": "71182",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/71182"
            },
            {
              "name": "DSA-2192",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2192"
            },
            {
              "name": "APPLE-SA-2011-04-14-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
            },
            {
              "name": "APPLE-SA-2011-04-14-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-104",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
            },
            {
              "name": "http://www.blackberry.com/btsc/KB26132",
              "refsource": "CONFIRM",
              "url": "http://www.blackberry.com/btsc/KB26132"
            },
            {
              "name": "ADV-2011-0984",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0984"
            },
            {
              "name": "ADV-2011-0645",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0645"
            },
            {
              "name": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011",
              "refsource": "MISC",
              "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
            },
            {
              "name": "43782",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43782"
            },
            {
              "name": "http://support.apple.com/kb/HT4607",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4607"
            },
            {
              "name": "ADV-2011-0671",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0671"
            },
            {
              "name": "APPLE-SA-2011-04-14-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
            },
            {
              "name": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401",
              "refsource": "MISC",
              "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
            },
            {
              "name": "43748",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43748"
            },
            {
              "name": "20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
            },
            {
              "name": "44154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44154"
            },
            {
              "name": "google-webkit-style-code-execution(66052)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
            },
            {
              "name": "43735",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43735"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1290",
    "datePublished": "2011-03-11T21:00:00",
    "dateReserved": "2011-03-06T00:00:00",
    "dateUpdated": "2024-08-06T22:21:34.187Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"461EFB63-7933-488C-BB4E-7C913364F5A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C295C9D4-54E7-44C8-98B6-8E0588D8FAA0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE6974E3-F348-4C8C-B199-4E680D6CB0E7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \\\"style handling,\\\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.\"}, {\"lang\": \"es\", \"value\": \"Un desbordamiento de enteros en WebKit, tal y como es usado en el BlackBerry Torch 9800 de Research In Motion (RIM) con versi\\u00f3n de firmware 6.0.0.246, en Google Chrome anterior a versi\\u00f3n 10.0.648.133 y en Apple Safari anterior a versi\\u00f3n 5.0.5, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de vectores desconocidos relacionados a el \\\"style handling,\\\" de CSS, los ajustes de nodos y un valor de longitud, como es demostrado por Vincenzo Iozzo, Willem Pinckaers y Ralf-Philipp Weinmann durante una competencia de Pwn2Own en CanSecWest 2011.\"}]",
      "id": "CVE-2011-1290",
      "lastModified": "2024-11-21T01:25:59.977",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2011-03-11T21:57:16.893",
      "references": "[{\"url\": \"http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/71182\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/43735\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43748\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43782\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44151\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44154\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4596\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://support.apple.com/kb/HT4607\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.blackberry.com/btsc/KB26132\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2192\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/517513/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/46849\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1025212\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0645\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0654\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0671\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0984\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-11-104\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/66052\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/71182\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/43735\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/43782\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44151\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/44154\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.apple.com/kb/HT4596\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://support.apple.com/kb/HT4607\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.blackberry.com/btsc/KB26132\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2011/dsa-2192\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/517513/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/46849\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1025212\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0645\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0654\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0671\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0984\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-11-104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/66052\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-189\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1290\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-03-11T21:57:16.893\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \\\"style handling,\\\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de enteros en WebKit, tal y como es usado en el BlackBerry Torch 9800 de Research In Motion (RIM) con versi\u00f3n de firmware 6.0.0.246, en Google Chrome anterior a versi\u00f3n 10.0.648.133 y en Apple Safari anterior a versi\u00f3n 5.0.5, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos relacionados a el \\\"style handling,\\\" de CSS, los ajustes de nodos y un valor de longitud, como es demostrado por Vincenzo Iozzo, Willem Pinckaers y Ralf-Philipp Weinmann durante una competencia de Pwn2Own en CanSecWest 2011.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-189\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"461EFB63-7933-488C-BB4E-7C913364F5A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C295C9D4-54E7-44C8-98B6-8E0588D8FAA0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE6974E3-F348-4C8C-B199-4E680D6CB0E7\"}]}]}],\"references\":[{\"url\":\"http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/71182\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/43735\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43748\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43782\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44151\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44154\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4596\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.apple.com/kb/HT4607\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.blackberry.com/btsc/KB26132\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2192\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/517513/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/46849\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1025212\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0645\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0654\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0671\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0984\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-11-104\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66052\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/71182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/43782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44151\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/44154\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4596\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4607\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.blackberry.com/btsc/KB26132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2192\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/517513/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/46849\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0645\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0654\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0671\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0984\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-11-104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-4GC5-387R-VQMC

Vulnerability from github – Published: 2022-05-14 02:56 – Updated: 2022-05-14 02:56

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-1290"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-03-11T21:57:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.",
  "id": "GHSA-4gc5-387r-vqmc",
  "modified": "2022-05-14T02:56:10Z",
  "published": "2022-05-14T02:56:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1290"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
    },
    {
      "type": "WEB",
      "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/71182"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43735"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43748"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43782"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44151"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/44154"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4596"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4607"
    },
    {
      "type": "WEB",
      "url": "http://www.blackberry.com/btsc/KB26132"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2192"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/46849"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1025212"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0645"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0654"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0671"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0984"
    },
    {
      "type": "WEB",
      "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2011-AVI-152

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité du navigateur Google Chrome permet l'exécution de code arbitraire à distance.

Description

Une vulnérabilité non divulguée dans le navigateur Google Chrome permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Google Chrome versions antérieures à 10.0.648.133.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Note de version Google Chrome du 11 mars 2011	None	vendor-advisory
Note de version Google Chrome 2011/03/stable-and-beta-channel-updates.html du 11 mars 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eGoogle Chrome versions ant\u00e9rieures \u00e0  10.0.648.133.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 non divulgu\u00e9e dans le navigateur Google Chrome permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    }
  ],
  "links": [
    {
      "title": "Note de version Google Chrome    2011/03/stable-and-beta-channel-updates.html du 11 mars 2011 :",
      "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
    }
  ],
  "reference": "CERTA-2011-AVI-152",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 du navigateur Google Chrome permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de version Google Chrome du 11 mars 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-235

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans itunes permettent à un attaquant d'exécuter du code arbitraire à distance.

Description

De multiples vulnérabilités dans le logiciel Webkit intégré dans itunes permettent à un attaquant d'exécuter du code arbitraire par une technique du type 'homme au milieu', lorsque l'utilisateur est connecté à l'itunesStore.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple itunes versions antérieures à 10.2.2 pour Microsoft Windows.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4609 du 18 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple itunes versions ant\u00e9rieures \u00e0  10.2.2 pour Microsoft Windows.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans le logiciel Webkit int\u00e9gr\u00e9 dans itunes\npermettent \u00e0 un attaquant d\u0027ex\u00e9cuter du code arbitraire par une\ntechnique du type \u0027homme au milieu\u0027, lorsque l\u0027utilisateur est connect\u00e9\n\u00e0 l\u0027itunesStore.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-235",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans itunes permettent \u00e0 un attaquant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans itunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4609 du 18 avril 2011",
      "url": "http://support.apple.com/kb/HT4609"
    }
  ]
}

CERTA-2011-AVI-226

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités permettant à un utilisateur malintentionné d'éxécuter du code arbitraire à distance ont été corrigées dans Safari.

Description

Deux vulnérabilités ont été corrigées par Apple dans la version 5.0.5 de Safari. Il s'agit de failles permettant à une personne malintentionné d'exécuter du code arbitraire lors de la visite d'un site internet spécialement conçu. Elles sont localisées dans le composant WebKit de Safari. La première vulnérabilité (CVE-2011-1290) provient d'un dépassement d'entier. La seconde (CVE-2011-1344) résulte de la réutilisation d'un pointeur mémoire précédemment libéré.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple Safari versions antérieures à 5.0.5.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4596 du 14 avril 2011	None	vendor-advisory
Bulletin de sécurité Apple:	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.5.\u003c/p\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es par Apple dans la version 5.0.5 de\nSafari. Il s\u0027agit de failles permettant \u00e0 une personne malintentionn\u00e9\nd\u0027ex\u00e9cuter du code arbitraire lors de la visite d\u0027un site internet\nsp\u00e9cialement con\u00e7u. Elles sont localis\u00e9es dans le composant WebKit de\nSafari. La premi\u00e8re vuln\u00e9rabilit\u00e9 (CVE-2011-1290) provient d\u0027un\nd\u00e9passement d\u0027entier. La seconde (CVE-2011-1344) r\u00e9sulte de la\nr\u00e9utilisation d\u0027un pointeur m\u00e9moire pr\u00e9c\u00e9demment lib\u00e9r\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple:",
      "url": "http://support.apple.com/kb/HT4596"
    }
  ],
  "reference": "CERTA-2011-AVI-226",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s permettant \u00e0 un utilisateur malintentionn\u00e9\nd\u0027\u00e9x\u00e9cuter du code arbitraire \u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eSafari\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4596 du 14 avril 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-226

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités permettant à un utilisateur malintentionné d'éxécuter du code arbitraire à distance ont été corrigées dans Safari.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple Safari versions antérieures à 5.0.5.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4596 du 14 avril 2011	None	vendor-advisory
Bulletin de sécurité Apple:	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.5.\u003c/p\u003e",
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es par Apple dans la version 5.0.5 de\nSafari. Il s\u0027agit de failles permettant \u00e0 une personne malintentionn\u00e9\nd\u0027ex\u00e9cuter du code arbitraire lors de la visite d\u0027un site internet\nsp\u00e9cialement con\u00e7u. Elles sont localis\u00e9es dans le composant WebKit de\nSafari. La premi\u00e8re vuln\u00e9rabilit\u00e9 (CVE-2011-1290) provient d\u0027un\nd\u00e9passement d\u0027entier. La seconde (CVE-2011-1344) r\u00e9sulte de la\nr\u00e9utilisation d\u0027un pointeur m\u00e9moire pr\u00e9c\u00e9demment lib\u00e9r\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple:",
      "url": "http://support.apple.com/kb/HT4596"
    }
  ],
  "reference": "CERTA-2011-AVI-226",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s permettant \u00e0 un utilisateur malintentionn\u00e9\nd\u0027\u00e9x\u00e9cuter du code arbitraire \u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eSafari\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4596 du 14 avril 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-152

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité du navigateur Google Chrome permet l'exécution de code arbitraire à distance.

Description

Une vulnérabilité non divulguée dans le navigateur Google Chrome permet l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Google Chrome versions antérieures à 10.0.648.133.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Note de version Google Chrome du 11 mars 2011	None	vendor-advisory
Note de version Google Chrome 2011/03/stable-and-beta-channel-updates.html du 11 mars 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eGoogle Chrome versions ant\u00e9rieures \u00e0  10.0.648.133.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 non divulgu\u00e9e dans le navigateur Google Chrome permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    }
  ],
  "links": [
    {
      "title": "Note de version Google Chrome    2011/03/stable-and-beta-channel-updates.html du 11 mars 2011 :",
      "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
    }
  ],
  "reference": "CERTA-2011-AVI-152",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 du navigateur Google Chrome permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de version Google Chrome du 11 mars 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été corrigées dans Apple iOS 4.3.2. Certaines permettent l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérablités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

la mise en liste noire de certains certificats SSL ;
libxslt ;
QuickLook ;
WebKit.

Certaines de ces vulnérabilités permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions antérieures à la version 4.3.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4606 du 14 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iOS versions ant\u00e9rieures \u00e0 la version 4.3.2.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rablit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants du\nsyst\u00e8me d\u0027exploitation Apple iOS, notamment dans\u00a0:\n\n-   la mise en liste noire de certains certificats SSL\u00a0;\n-   libxslt\u00a0;\n-   QuickLook\u00a0;\n-   WebKit.\n\nCertaines de ces vuln\u00e9rabilit\u00e9s permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
    },
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1417"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-228",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS 4.3.2.\nCertaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4606 du 14 avril 2011",
      "url": "http://support.apple.com/kb/HT4606"
    }
  ]
}

CERTA-2011-AVI-228

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été corrigées dans Apple iOS 4.3.2. Certaines permettent l'exécution de code arbitraire à distance.

Description

Plusieurs vulnérablités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

la mise en liste noire de certains certificats SSL ;
libxslt ;
QuickLook ;
WebKit.

Certaines de ces vulnérabilités permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions antérieures à la version 4.3.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4606 du 14 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eApple iOS versions ant\u00e9rieures \u00e0 la version 4.3.2.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rablit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants du\nsyst\u00e8me d\u0027exploitation Apple iOS, notamment dans\u00a0:\n\n-   la mise en liste noire de certains certificats SSL\u00a0;\n-   libxslt\u00a0;\n-   QuickLook\u00a0;\n-   WebKit.\n\nCertaines de ces vuln\u00e9rabilit\u00e9s permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0195"
    },
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1417"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-228",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple iOS 4.3.2.\nCertaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4606 du 14 avril 2011",
      "url": "http://support.apple.com/kb/HT4606"
    }
  ]
}

CERTA-2011-AVI-235

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans itunes permettent à un attaquant d'exécuter du code arbitraire à distance.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple itunes versions antérieures à 10.2.2 pour Microsoft Windows.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4609 du 18 avril 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple itunes versions ant\u00e9rieures \u00e0  10.2.2 pour Microsoft Windows.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans le logiciel Webkit int\u00e9gr\u00e9 dans itunes\npermettent \u00e0 un attaquant d\u0027ex\u00e9cuter du code arbitraire par une\ntechnique du type \u0027homme au milieu\u0027, lorsque l\u0027utilisateur est connect\u00e9\n\u00e0 l\u0027itunesStore.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1290"
    },
    {
      "name": "CVE-2011-1344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1344"
    }
  ],
  "links": [],
  "reference": "CERTA-2011-AVI-235",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans itunes permettent \u00e0 un attaquant\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans itunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4609 du 18 avril 2011",
      "url": "http://support.apple.com/kb/HT4609"
    }
  ]
}

GSD-2011-1290

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-1290

Aliases

CVE-2011-1290

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-1290",
    "description": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.",
    "id": "GSD-2011-1290",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-1290.html",
      "https://www.debian.org/security/2011/dsa-2192"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-1290"
      ],
      "details": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011.",
      "id": "GSD-2011-1290",
      "modified": "2023-12-13T01:19:08.721519Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-1290",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2011-0654",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0654"
          },
          {
            "name": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html",
            "refsource": "CONFIRM",
            "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
          },
          {
            "name": "44151",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/44151"
          },
          {
            "name": "46849",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/46849"
          },
          {
            "name": "1025212",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1025212"
          },
          {
            "name": "http://support.apple.com/kb/HT4596",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4596"
          },
          {
            "name": "71182",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/71182"
          },
          {
            "name": "DSA-2192",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2011/dsa-2192"
          },
          {
            "name": "APPLE-SA-2011-04-14-3",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
          },
          {
            "name": "APPLE-SA-2011-04-14-2",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-104",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
          },
          {
            "name": "http://www.blackberry.com/btsc/KB26132",
            "refsource": "CONFIRM",
            "url": "http://www.blackberry.com/btsc/KB26132"
          },
          {
            "name": "ADV-2011-0984",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0984"
          },
          {
            "name": "ADV-2011-0645",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0645"
          },
          {
            "name": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011",
            "refsource": "MISC",
            "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
          },
          {
            "name": "43782",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43782"
          },
          {
            "name": "http://support.apple.com/kb/HT4607",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4607"
          },
          {
            "name": "ADV-2011-0671",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0671"
          },
          {
            "name": "APPLE-SA-2011-04-14-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
          },
          {
            "name": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401",
            "refsource": "MISC",
            "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
          },
          {
            "name": "43748",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43748"
          },
          {
            "name": "20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
          },
          {
            "name": "44154",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/44154"
          },
          {
            "name": "google-webkit-style-code-execution(66052)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
          },
          {
            "name": "43735",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43735"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1290"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-189"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011",
              "refsource": "MISC",
              "tags": [],
              "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
            },
            {
              "name": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
            },
            {
              "name": "ADV-2011-0645",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0645"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
            },
            {
              "name": "43748",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43748"
            },
            {
              "name": "DSA-2192",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2192"
            },
            {
              "name": "1025212",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1025212"
            },
            {
              "name": "43735",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43735"
            },
            {
              "name": "ADV-2011-0671",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0671"
            },
            {
              "name": "43782",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43782"
            },
            {
              "name": "http://www.blackberry.com/btsc/KB26132",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.blackberry.com/btsc/KB26132"
            },
            {
              "name": "ADV-2011-0654",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0654"
            },
            {
              "name": "46849",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/46849"
            },
            {
              "name": "APPLE-SA-2011-04-14-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-04-14-3",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
            },
            {
              "name": "APPLE-SA-2011-04-14-2",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
            },
            {
              "name": "44154",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/44154"
            },
            {
              "name": "ADV-2011-0984",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0984"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-104",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
            },
            {
              "name": "http://support.apple.com/kb/HT4607",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4607"
            },
            {
              "name": "http://support.apple.com/kb/HT4596",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4596"
            },
            {
              "name": "44151",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/44151"
            },
            {
              "name": "71182",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/71182"
            },
            {
              "name": "google-webkit-style-code-execution(66052)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
            },
            {
              "name": "20110414 ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-09T19:30Z",
      "publishedDate": "2011-03-11T21:57Z"
    }
  }
}

FKIE_CVE-2011-1290

Vulnerability from fkie_nvd - Published: 2011-03-11 21:57 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
cve@mitre.org	http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
cve@mitre.org	http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html
cve@mitre.org	http://osvdb.org/71182
cve@mitre.org	http://secunia.com/advisories/43735	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43748	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/43782	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/44151	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/44154	Vendor Advisory
cve@mitre.org	http://support.apple.com/kb/HT4596
cve@mitre.org	http://support.apple.com/kb/HT4607
cve@mitre.org	http://www.blackberry.com/btsc/KB26132
cve@mitre.org	http://www.debian.org/security/2011/dsa-2192
cve@mitre.org	http://www.securityfocus.com/archive/1/517513/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/46849
cve@mitre.org	http://www.securitytracker.com/id?1025212
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0645	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0654	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0671
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0984	Vendor Advisory
cve@mitre.org	http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-11-104
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/66052
af854a3a-2127-422b-91ae-364da2661108	http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011
af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/71182
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43735	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43748	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43782	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44151	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4596
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4607
af854a3a-2127-422b-91ae-364da2661108	http://www.blackberry.com/btsc/KB26132
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2011/dsa-2192
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/517513/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/46849
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1025212
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0645	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0654	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0671
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0984	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-11-104
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/66052

Impacted products

Vendor	Product	Version
apple	webkit	*
rim	blackberry_torch_9800_firmware	6.0.0.246
rim	blackberry_torch_9800	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*",
              "matchCriteriaId": "C295C9D4-54E7-44C8-98B6-8E0588D8FAA0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE6974E3-F348-4C8C-B199-4E680D6CB0E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de enteros en WebKit, tal y como es usado en el BlackBerry Torch 9800 de Research In Motion (RIM) con versi\u00f3n de firmware 6.0.0.246, en Google Chrome anterior a versi\u00f3n 10.0.648.133 y en Apple Safari anterior a versi\u00f3n 5.0.5, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos relacionados a el \"style handling,\" de CSS, los ajustes de nodos y un valor de longitud, como es demostrado por Vincenzo Iozzo, Willem Pinckaers y Ralf-Philipp Weinmann durante una competencia de Pwn2Own en CanSecWest 2011."
    }
  ],
  "id": "CVE-2011-1290",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-03-11T21:57:16.893",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/71182"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43735"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43748"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43782"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44151"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44154"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4596"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.blackberry.com/btsc/KB26132"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2011/dsa-2192"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/46849"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1025212"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0645"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0654"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2011/0671"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0984"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/71182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43782"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44151"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.blackberry.com/btsc/KB26132"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0671"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201103-0294

Vulnerability from variot - Updated: 2024-07-23 20:56

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. WebKit Is CSS There is a flaw in the handling of styles, node sets, and length values that could allow arbitrary code execution.Skillfully crafted by a third party Web Through the site, you may get important information on the heap memory address. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the WebKit library's implementation of a CSS style. When totaling the length of it's string elements, the library will store the result into a 32bit integer. This value will be used for an allocation and then later will be used to initialize the allocated buffer. Due to the number of elements being totaled being variable, this will allow an aggressor to provide as many elements as necessary in order to cause the integer value to wrap causing an under-allocation. Initialization of this data will then cause a heap-based buffer overflow. This can lead to code execution under the context of the application. WebKit is prone to a memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was previously discussed in BID 46833 (Blackberry Browser Multiple Unspecified Information Disclosure and Integer Overflow Vulnerabilities), but has been given its own record to better document it. Google Chrome is a web browser developed by Google (Google). This vulnerability has been demonstrated by Vincenzo Iozzo, Willem Pinckaers and Ralf-Philipp Weinmann in the Pwn2Own hacking contest at CanSecWest 2011. ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-104

April 14, 2011

-- CVE ID: CVE-2011-1290

-- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)

-- Affected Vendors: WebKit

-- Affected Products: WebKit WebKit

-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 11087.

-- Vendor Response: Apple patch on April 14, 2011: http://support.apple.com/kb/HT4606 http://support.apple.com/kb/HT4607 http://support.apple.com/kb/HT4596

-- Disclosure Timeline: 2011-03-31 - Vulnerability reported to vendor 2011-04-14 - Coordinated public release of advisory

-- Credit: This vulnerability was discovered by: * Anonymous * Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann

-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi

. Gents,

If you are a lucky BlackBerry owner, or an administrator of many BB devices, you can do a quick security check of your smartphone(s), by browsing this web page from your device (free quick check):

http://tehtris.com/bbcheck

For now, this will check for you if you are potentially vulnerable against those exploits:

-> Nov 2007 - US-CERT Advisory VU#282856 - Exploit from Michael Kemp http://www.blackberry.com/btsc/KB12577

-> Jan 2011 - CVE-2010-2599 - Exploit found by TEHTRI-Security http://www.blackberry.com/btsc/KB24841

-> Mar 2011 - CVE-2011-1290 - Awesome Pwn2own/CSW exploit from Vincenzo Iozzo, Ralf Philipp Weinmann, and Willem Pinckaers

A workaround for this latest vulnerability (CVE-2011-1290) could be to disable JavaScript, as explained on RIM resources.

You should definitely read this: http://www.blackberry.com/btsc/KB26132

Have a nice day,

Laurent OUDOT, CEO TEHTRI-Security -- "This is not a game" http://www.tehtri-security.com/ Follow us: @tehtris

=> Join us for more hacking tricks during next awesome events:

SyScan Singapore (April) -- Training: "Advanced PHP Hacking" http://www.syscan.org/index.php/sg/training
HITB Amsterdam (May) -- Training: "Hunting Web Attackers" http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=16 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Debian Security Advisory DSA-2192-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano March 15, 2011 http://www.debian.org/security/faq

Package : chromium-browser Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-0779 CVE-2011-1290

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2011-0779

Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

For the stable distribution (squeeze), these problems have been fixed in version 6.0.472.63~r59945-5+squeeze4

For the testing distribution (wheezy), these problems will be fixed soon.

For the unstable distribution (sid), these problems have been fixed version 10.0.648.133~r77742-1

We recommend that you upgrade your chromium-browser packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk1/lHMACgkQNxpp46476ao/EwCdFThT2dtAQ9HB8yza9Z4gIqV4 FeIAn3zISoa/86EhpLs5qjhMB9gQ6Oc0 =QJZP -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201103-0294",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "webkit",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "*"
      },
      {
        "model": "blackberry torch 9800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rim",
        "version": "6.0.0.246"
      },
      {
        "model": "blackberry torch 9800",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rim",
        "version": "*"
      },
      {
        "model": "device software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "blackberry",
        "version": "6.0 and later"
      },
      {
        "model": "chrome",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "google",
        "version": "10.0.648.133"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.0 to  4.3.1 (iphone 3gs after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.1 to  4.3.1 (ipod touch (3rd generation) after )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "3.2 to  4.3.1 (ipad for )"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "4.2.5 to  4.2.6 (iphone 4 (cdma))"
      },
      {
        "model": "ipad",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "iphone",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "ipod touch",
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "webkit",
        "scope": null,
        "trust": 0.7,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "webkit",
        "scope": null,
        "trust": 0.6,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "in motion blackberry torch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "98000"
      },
      {
        "model": "in motion blackberry style",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "96700"
      },
      {
        "model": "in motion blackberry pearl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "91000"
      },
      {
        "model": "in motion blackberry pearl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "81000"
      },
      {
        "model": "in motion blackberry device software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "6.0"
      },
      {
        "model": "in motion blackberry curve",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "93000"
      },
      {
        "model": "in motion blackberry curve",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "83000"
      },
      {
        "model": "in motion blackberry browser",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "0"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "97800"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "97005.0.0.593"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "88004.2"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "88004.1"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "88000"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "87204.2"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "87204.1"
      },
      {
        "model": "in motion blackberry 8700r",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 8700f",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 8700c",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "83204.2"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "83204.1"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7780"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7750"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7730"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7520"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7290"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7280"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "72700"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7250"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "72304.0"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "72303.8"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "72303.7.1.41"
      },
      {
        "model": "in motion blackberry 7130e",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 7105t",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7100x"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "7100v"
      },
      {
        "model": "in motion blackberry 7100t",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 7100r",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 7100i",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry 7100g",
        "scope": null,
        "trust": 0.3,
        "vendor": "research",
        "version": null
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "9700"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "9650"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "8530"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "8520"
      },
      {
        "model": "in motion blackberry",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "research",
        "version": "8330"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "9.0.597.94"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "9.0.597.84"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "9.0.597.107"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.128"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.127"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux armel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.5"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.3"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "ipod touch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "iphone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ipad",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.5"
      },
      {
        "model": "ios beta",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "chrome",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.133"
      },
      {
        "model": "safari for windows",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "safari",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "itunes",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.2"
      },
      {
        "model": "ios",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2.7"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "BID",
        "id": "46849"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:rim:blackberry_torch_9800_firmware:6.0.0.246:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:rim:blackberry_torch_9800:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "AnonymousVincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2011-1290",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2011-1290",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-1290",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-49235",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-1290",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "CVE-2011-1290",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201103-180",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-49235",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS \"style handling,\" nodesets, and a length value, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011. WebKit Is CSS There is a flaw in the handling of styles, node sets, and length values that could allow arbitrary code execution.Skillfully crafted by a third party Web Through the site, you may get important information on the heap memory address. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the WebKit library\u0027s implementation of a CSS style. When totaling the length of it\u0027s string elements, the library will store the result into a 32bit integer. This value will be used for an allocation and then later will be used to initialize the allocated buffer. Due to the number of elements being totaled being variable, this will allow an aggressor to provide as many elements as necessary in order to cause the integer value to wrap causing an under-allocation. Initialization of this data will then cause a heap-based buffer overflow. This can lead to code execution under the context of the application. WebKit is prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage. Failed exploit attempts will result in a denial-of-service condition. \nNOTE: This issue was previously discussed in BID 46833 (Blackberry Browser Multiple Unspecified Information Disclosure and Integer Overflow Vulnerabilities), but has been given its own record to better document it. Google Chrome is a web browser developed by Google (Google). This vulnerability has been demonstrated by Vincenzo Iozzo, Willem Pinckaers and Ralf-Philipp Weinmann in the Pwn2Own hacking contest at CanSecWest 2011. ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability\n\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-104\n\nApril 14, 2011\n\n-- CVE ID:\nCVE-2011-1290\n\n-- CVSS:\n9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)\n\n-- Affected Vendors:\nWebKit\n\n-- Affected Products:\nWebKit WebKit\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 11087. \n\n-- Vendor Response:\nApple patch on April 14, 2011:\nhttp://support.apple.com/kb/HT4606\nhttp://support.apple.com/kb/HT4607\nhttp://support.apple.com/kb/HT4596\n\n-- Disclosure Timeline:\n2011-03-31 - Vulnerability reported to vendor\n2011-04-14 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n    * Anonymous\n    * Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n    http://twitter.com/thezdi\n. \nGents,\n\nIf you are a lucky BlackBerry owner, or an administrator of many BB\ndevices, you can do a quick security check of your smartphone(s), by\nbrowsing this web page from your device (free quick check):\n\n    http://tehtris.com/bbcheck\n\nFor now, this will check for you if you are potentially vulnerable\nagainst those exploits:\n\n-\u003e Nov 2007 - US-CERT Advisory VU#282856 - Exploit from Michael Kemp\n   http://www.blackberry.com/btsc/KB12577\n\n-\u003e Jan 2011 - CVE-2010-2599 - Exploit found by TEHTRI-Security\n   http://www.blackberry.com/btsc/KB24841\n\n-\u003e Mar 2011 - CVE-2011-1290 - Awesome Pwn2own/CSW exploit from Vincenzo\nIozzo, Ralf Philipp Weinmann, and Willem Pinckaers\n\nA workaround for this latest vulnerability (CVE-2011-1290) could be to\ndisable JavaScript, as explained on RIM resources. \n\nYou should definitely read this: http://www.blackberry.com/btsc/KB26132\n\nHave a nice day,\n\nLaurent OUDOT, CEO TEHTRI-Security -- \"This is not a game\"\n http://www.tehtri-security.com/\n Follow us: @tehtris\n\n=\u003e Join us for more hacking tricks during next awesome events:\n\n- SyScan Singapore (April) -- Training: \"Advanced PHP Hacking\"\nhttp://www.syscan.org/index.php/sg/training\n\n- HITB Amsterdam (May) -- Training: \"Hunting Web Attackers\"\nhttp://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=16\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2192-1                   security@debian.org\nhttp://www.debian.org/security/                         Giuseppe Iuculano\nMarch 15, 2011                         http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : chromium-browser\nVulnerability  : several\nProblem type   : remote\nDebian-specific: no\nCVE ID         : CVE-2011-0779 CVE-2011-1290\n\n\nSeveral vulnerabilities were discovered in the Chromium browser. \nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2011-0779\n\n  Google Chrome before 9.0.597.84 does not properly handle a missing key in an\n  extension, which allows remote attackers to cause a denial of service\n  (application crash) via a crafted extension. \n\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 6.0.472.63~r59945-5+squeeze4\n\nFor the testing distribution (wheezy), these problems will be fixed soon. \n\nFor the unstable distribution (sid), these problems have been fixed\nversion 10.0.648.133~r77742-1\n\n\nWe recommend that you upgrade your chromium-browser packages. \n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niEYEARECAAYFAk1/lHMACgkQNxpp46476ao/EwCdFThT2dtAQ9HB8yza9Z4gIqV4\nFeIAn3zISoa/86EhpLs5qjhMB9gQ6Oc0\n=QJZP\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "BID",
        "id": "46849"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "db": "PACKETSTORM",
        "id": "99462"
      },
      {
        "db": "PACKETSTORM",
        "id": "99354"
      }
    ],
    "trust": 2.88
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-49235",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-1290",
        "trust": 3.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-11-104",
        "trust": 2.2
      },
      {
        "db": "BID",
        "id": "46849",
        "trust": 2.2
      },
      {
        "db": "SECUNIA",
        "id": "44154",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "44151",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "43748",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "43735",
        "trust": 1.9
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0654",
        "trust": 1.9
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0984",
        "trust": 1.9
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0645",
        "trust": 1.9
      },
      {
        "db": "SECTRACK",
        "id": "1025212",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "43782",
        "trust": 1.1
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0671",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "71182",
        "trust": 1.1
      },
      {
        "db": "XF",
        "id": "66052",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1107",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "16728",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "16587",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "100465",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "99462",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "99354",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "BID",
        "id": "46849"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "db": "PACKETSTORM",
        "id": "99462"
      },
      {
        "db": "PACKETSTORM",
        "id": "99354"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "id": "VAR-201103-0294",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      }
    ],
    "trust": 0.38333333
  },
  "last_update_date": "2024-07-23T20:56:26.520000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4596",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4596"
      },
      {
        "title": "HT4606",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4606"
      },
      {
        "title": "HT4607",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4607"
      },
      {
        "title": "HT4609",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4609"
      },
      {
        "title": "HT4607",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4607?viewlocale=ja_jp"
      },
      {
        "title": "HT4609",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4609?viewlocale=ja_jp"
      },
      {
        "title": "HT4596",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4596?viewlocale=ja_jp"
      },
      {
        "title": "HT4606",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4606?viewlocale=ja_jp"
      },
      {
        "title": "Google Chrome",
        "trust": 0.8,
        "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
      },
      {
        "title": "stable-and-beta-channel-updates",
        "trust": 0.8,
        "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
      },
      {
        "title": "KB26132",
        "trust": 0.8,
        "url": "http://www.blackberry.com/btsc/kb26132"
      },
      {
        "title": "Apple patch on April 14, 2011: fix:http://trac.webkit.org/changeset/80787http://trac.webkit.org/changeset/82054",
        "trust": 0.7,
        "url": "http://support.apple.com/kb/ht4606http://support.apple.com/kb/ht4607http://support.apple.com/kb/ht4596webkit"
      },
      {
        "title": "WebKit Fixes for digital error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=169944"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-189",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/46849"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1025212"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/43735"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/43748"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/44151"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/44154"
      },
      {
        "trust": 1.9,
        "url": "http://www.vupen.com/english/advisories/2011/0645"
      },
      {
        "trust": 1.9,
        "url": "http://www.vupen.com/english/advisories/2011/0654"
      },
      {
        "trust": 1.9,
        "url": "http://www.vupen.com/english/advisories/2011/0984"
      },
      {
        "trust": 1.7,
        "url": "http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011"
      },
      {
        "trust": 1.7,
        "url": "http://www.zdnet.com/blog/security/pwn2own-2011-blackberry-falls-to-webkit-browser-attack/8401"
      },
      {
        "trust": 1.4,
        "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates.html"
      },
      {
        "trust": 1.2,
        "url": "http://support.apple.com/kb/ht4596"
      },
      {
        "trust": 1.2,
        "url": "http://support.apple.com/kb/ht4607"
      },
      {
        "trust": 1.2,
        "url": "http://www.blackberry.com/btsc/kb26132"
      },
      {
        "trust": 1.2,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-104"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//apr/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//apr/msg00001.html"
      },
      {
        "trust": 1.1,
        "url": "http://lists.apple.com/archives/security-announce/2011//apr/msg00002.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/517513/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "http://www.debian.org/security/2011/dsa-2192"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/71182"
      },
      {
        "trust": 1.1,
        "url": "http://secunia.com/advisories/43782"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2011/0671"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66052"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1290"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/66052"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu990878"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu658892"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu805814"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu597782"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1290"
      },
      {
        "trust": 0.7,
        "url": "http://support.apple.com/kb/ht4606http://support.apple.com/kb/ht4607http://support.apple.com/kb/ht4596webkit"
      },
      {
        "trust": 0.7,
        "url": "http://trac.webkit.org/changeset/80787http://trac.webkit.org/changeset/82054"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/16728"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/16587"
      },
      {
        "trust": 0.3,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-11-104/"
      },
      {
        "trust": 0.3,
        "url": "http://www.google.com/chrome"
      },
      {
        "trust": 0.3,
        "url": "http://threatpost.com/en_us/blogs/iphone-blackberry-fall-second-day-pwn2own-031011"
      },
      {
        "trust": 0.3,
        "url": "http://www.rim.net/"
      },
      {
        "trust": 0.3,
        "url": "http://www.webkit.org/"
      },
      {
        "trust": 0.3,
        "url": "http://lists.apple.com/archives/security-announce/2011/apr/msg00004.html"
      },
      {
        "trust": 0.3,
        "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb26132"
      },
      {
        "trust": 0.3,
        "url": "http://www.blackberry.com/btsc/dynamickc.do?externalid=kb26132\u0026sliceid=1\u0026command=show\u0026forward=nonthreadedkc\u0026kcid=kb26132"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1290"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
      },
      {
        "trust": 0.1,
        "url": "http://twitter.com/thezdi"
      },
      {
        "trust": 0.1,
        "url": "http://www.tippingpoint.com"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com"
      },
      {
        "trust": 0.1,
        "url": "http://support.apple.com/kb/ht4606"
      },
      {
        "trust": 0.1,
        "url": "http://www.blackberry.com/btsc/kb24841"
      },
      {
        "trust": 0.1,
        "url": "http://www.tehtri-security.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.blackberry.com/btsc/kb12577"
      },
      {
        "trust": 0.1,
        "url": "http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=16"
      },
      {
        "trust": 0.1,
        "url": "http://tehtris.com/bbcheck"
      },
      {
        "trust": 0.1,
        "url": "http://www.syscan.org/index.php/sg/training"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2599"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0779"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "BID",
        "id": "46849"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "db": "PACKETSTORM",
        "id": "99462"
      },
      {
        "db": "PACKETSTORM",
        "id": "99354"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "db": "BID",
        "id": "46849"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "db": "PACKETSTORM",
        "id": "99462"
      },
      {
        "db": "PACKETSTORM",
        "id": "99354"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-04-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "date": "2011-03-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "date": "2011-03-10T00:00:00",
        "db": "BID",
        "id": "46849"
      },
      {
        "date": "2011-05-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "date": "2011-04-15T14:14:11",
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "date": "2011-03-18T22:39:32",
        "db": "PACKETSTORM",
        "id": "99462"
      },
      {
        "date": "2011-03-16T02:27:27",
        "db": "PACKETSTORM",
        "id": "99354"
      },
      {
        "date": "2011-03-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "date": "2011-03-11T21:57:16.893000",
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-04-14T00:00:00",
        "db": "ZDI",
        "id": "ZDI-11-104"
      },
      {
        "date": "2018-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49235"
      },
      {
        "date": "2011-10-11T19:10:00",
        "db": "BID",
        "id": "46849"
      },
      {
        "date": "2011-05-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      },
      {
        "date": "2021-11-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      },
      {
        "date": "2018-10-09T19:30:42.537000",
        "db": "NVD",
        "id": "CVE-2011-1290"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "100465"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebKit Vulnerable to arbitrary code execution",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001530"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "digital error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201103-180"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-1290 (GCVE-0-2011-1290)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Tags

Sightings

Nomenclature