VAR-201102-0350

Vulnerability from variot - Updated: 2023-12-18 14:06

Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. WebKit is prone to a denial-of-service vulnerability. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A use-after-free vulnerability exists in WebCore in WebKit versions prior to r77705 used in Google Chrome versions prior to 11.0.672.2 and others. The vulnerability is related to improper handling of temporary items by the HistoryController component

Show details on source website

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0350",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "chrome",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "google",
        "version": "11.0.672.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "google",
        "version": "11.0.672.2  products"
      },
      {
        "model": "webkit",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "r77705"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.36"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.45"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.41"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.46"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.40"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.42"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.4"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "10.0.648.204"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "9.0.597.44"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "10.0.648.18"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.5"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.3"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.2"
      },
      {
        "model": "open source project webkit r52833",
        "scope": null,
        "trust": 0.3,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r52401",
        "scope": null,
        "trust": 0.3,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r51295",
        "scope": null,
        "trust": 0.3,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit r38566",
        "scope": null,
        "trust": 0.3,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.x"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "1.2.2-1"
      },
      {
        "model": "open source project webkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "webkit",
        "version": "0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11"
      },
      {
        "model": "open source project webkit r77705",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "webkit",
        "version": null
      },
      {
        "model": "chrome",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.672.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "46577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.0.672.2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "WebKit",
    "sources": [
      {
        "db": "BID",
        "id": "46577"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-1059",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2011-1059",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-49004",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2011-1059",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201102-320",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-49004",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. WebKit is prone to a denial-of-service vulnerability. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A use-after-free vulnerability exists in WebCore in WebKit versions prior to r77705 used in Google Chrome versions prior to 11.0.672.2 and others. The vulnerability is related to improper handling of temporary items by the HistoryController component",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "BID",
        "id": "46577"
      },
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-1059",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "46577",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-49004",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "db": "BID",
        "id": "46577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "id": "VAR-201102-0350",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T14:06:24.625000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "52819",
        "trust": 0.8,
        "url": "https://bugs.webkit.org/show_bug.cgi?id=52819"
      },
      {
        "title": "Dev Channel Update",
        "trust": 0.8,
        "url": "http://googlechromereleases.blogspot.com/2011/02/dev-channel-update_17.html"
      },
      {
        "title": "bug-52819-20110204143234",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39484"
      },
      {
        "title": "bug-52819-20110203154913",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39483"
      },
      {
        "title": "bug-52819-20110202180818",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39482"
      },
      {
        "title": "bug-52819-20110201190219",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39481"
      },
      {
        "title": "bug-52819-20110121140238",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=39480"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://googlechromereleases.blogspot.com/2011/02/dev-channel-update_17.html"
      },
      {
        "trust": 2.0,
        "url": "http://trac.webkit.org/changeset/77705"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/46577"
      },
      {
        "trust": 1.7,
        "url": "http://code.google.com/p/chromium/issues/detail?id=70315"
      },
      {
        "trust": 1.7,
        "url": "https://bugs.webkit.org/show_bug.cgi?id=52819"
      },
      {
        "trust": 1.7,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a13943"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65714"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1059"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1059"
      },
      {
        "trust": 0.3,
        "url": "http://www.webkit.org/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "db": "BID",
        "id": "46577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "db": "BID",
        "id": "46577"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-02-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "date": "2011-02-25T00:00:00",
        "db": "BID",
        "id": "46577"
      },
      {
        "date": "2012-03-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "date": "2011-02-22T19:00:02.973000",
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "date": "2011-02-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-06-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-49004"
      },
      {
        "date": "2011-02-25T00:00:00",
        "db": "BID",
        "id": "46577"
      },
      {
        "date": "2012-03-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      },
      {
        "date": "2020-06-03T14:54:13.490000",
        "db": "NVD",
        "id": "CVE-2011-1059"
      },
      {
        "date": "2020-06-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Google Chrome And used in other products  WebKit of  WebCore Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-004319"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201102-320"
      }
    ],
    "trust": 0.6
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…