CVE-2011-1187 — Sensitive Information Exposure in Google Chrome

CWE-200 — Sensitive Information Exposure9 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 24.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome Mozilla Firefox Mozilla Seamonkey +1 more

Timeline

PublishedMar 11

Latest updateMay 13

Description

Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDgoogle/chrome< 10.0.648.127

▶NVDmozilla/firefox< 12.0

▶NVDmozilla/seamonkey< 2.9

▶NVDmozilla/thunderbird< 12.0

🔴Vulnerability Details

GHSA

GHSA-2cj5-cgrj-vwfc: Google Chrome before 10↗2022-05-13

▶

CVEList

CVE-2011-1187: Google Chrome before 10↗2011-03-11

▶

OSV

CVE-2011-1187: Google Chrome before 10↗2011-03-10

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2012-05-04

▶

Ubuntu

ubufox update↗2012-04-27

▶

Ubuntu

Firefox vulnerabilities↗2012-04-27

▶

Red Hat

Multiple flaws in Firefox 12 which do not affect firefox 10.0.4 ESR↗2012-04-24

▶

💬Community

Bugzilla

CVE-2011-1187 CVE-2012-0475 Multiple flaws in Firefox 12 which do not affect firefox 10.0.4 ESR↗2012-04-23

▶