CVE-2011-0485Improper Input Validation in Google Chrome

CWE-20Improper Input Validation3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
6.8%
top 8.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google ChromeGoogle Chrome OS
Timeline
PublishedJan 14
Latest updateMay 13

Description

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDgoogle/chrome< 8.0.552.237
NVDgoogle/chrome_os< 8.0.552.344

🔴Vulnerability Details

2
GHSA
GHSA-xx5v-f98f-3vgw: Google Chrome before 82022-05-13
CVEList
CVE-2011-0485: Google Chrome before 82011-01-14
CVE-2011-0485 — Improper Input Validation in Google | cvebase