FKIE_CVE-2011-3640

Vulnerability from fkie_nvd - Published: 2011-10-28 02:49 - Updated: 2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
References
secalert@redhat.comhttp://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.htmlExploit, Third Party Advisory
secalert@redhat.comhttp://code.google.com/p/chromium/issues/detail?id=97426Exploit, Issue Tracking, Patch, Vendor Advisory
secalert@redhat.comhttp://securityreason.com/securityalert/8483Third Party Advisory
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=641052Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://hermes.opensuse.org/messages/13154861Broken Link
secalert@redhat.comhttps://hermes.opensuse.org/messages/13155432Broken Link
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.htmlExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://code.google.com/p/chromium/issues/detail?id=97426Exploit, Issue Tracking, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/8483Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=641052Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/13154861Broken Link
af854a3a-2127-422b-91ae-364da2661108https://hermes.opensuse.org/messages/13155432Broken Link
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414Third Party Advisory
Impacted products
Vendor Product Version
google chrome *
apple macos -
microsoft windows -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "811305D7-7A0E-4F2D-A578-B9D415002329",
              "versionEndExcluding": "17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "secalert@redhat.com",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor\u0027s response was \"Strange behavior, but we\u0027re not treating this as a security bug.\""
    },
    {
      "lang": "es",
      "value": "** CONTROVERTIDO ** Vulnerabilidad de ruta de b\u00fasqueda no confiable de Mozilla Network Security Services (NSS), que se utiliza en Google Chrome anterior a v17 en Windows y Mac OS X, puede permitir a usuarios locales conseguir privilegios a trav\u00e9s de un archivo troyano pkcs11.txt en un directorio de alto nivel. NOTA: La respuesta del vendedor fue \" comportamiento extra\u00f1o, pero no estamos tratando esto como un fallo de seguridad\""
    }
  ],
  "id": "CVE-2011-3640",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-28T02:49:53.130",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://code.google.com/p/chromium/issues/detail?id=97426"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/8483"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://hermes.opensuse.org/messages/13154861"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://hermes.opensuse.org/messages/13155432"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://code.google.com/p/chromium/issues/detail?id=97426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://securityreason.com/securityalert/8483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=641052"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://hermes.opensuse.org/messages/13154861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://hermes.opensuse.org/messages/13155432"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.