CVE-2011-2861Improper Input Validation in Google Chrome

CWE-20Improper Input Validation3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
2.9%
top 13.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedSep 19
Latest updateMay 13

Description

Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDgoogle/chrome< 14.0.835.163

🔴Vulnerability Details

1
GHSA
GHSA-8hg5-f3x6-pmg6: Google Chrome before 142022-05-13

💥Exploits & PoCs

1
Exploit-DB
Adobe ColdFusion - Directory Traversal (Metasploit)2011-03-16
CVE-2011-2861 — Improper Input Validation in Google | cvebase