CVE-2011-1204 — Improper Input Validation in Google Chrome

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

2.4%

top 14.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Iphone OS Apple Itunes Apple Safari +1 more

Timeline

PublishedMar 11

Latest updateMay 13

Description

Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages4 packages

▶NVDgoogle/chrome< 10.0.648.127

▶NVDapple/itunes< 10.5

▶NVDapple/safari< 5.0.6

▶NVDapple/iphone_os< 5.0

🔴Vulnerability Details

GHSA

GHSA-vj2m-hx22-vmrj: Google Chrome before 10↗2022-05-13

▶

OSV

CVE-2011-1204: Google Chrome before 10↗2011-03-11

▶