Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-2841Improper Input Validation in Google Chrome

CWE-20Improper Input Validation3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
12.8%
top 5.97%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Google Chrome
Timeline
PublishedSep 19
Latest updateMay 13

Description

Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome< 14.0.835.163

🔴Vulnerability Details

1
GHSA
GHSA-fw4j-g7xv-8pj8: Google Chrome before 142022-05-13

💥Exploits & PoCs

1
Exploit-DB
Google Chrome < 14.0.835.163 - '.pdf' File Handling Memory Corruption2011-10-04
CVE-2011-2841 — Improper Input Validation in Google | cvebase