CVE-2011-3050Use After Free in Google Chrome

CWE-416Use After Free5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
5.6%
top 9.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple Iphone OSApple ItunesApple Safari+2 more
Timeline
PublishedMar 22
Latest updateMay 13

Description

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages5 packages

NVDgoogle/chrome< 17.0.963.83
NVDapple/itunes< 10.7
NVDapple/safari< 6.0
NVDapple/iphone_os< 6.0

🔴Vulnerability Details

1
GHSA
GHSA-88w8-v76p-jf7g: Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 172022-05-13

📋Vendor Advisories

2
Ubuntu
WebKit vulnerabilities2012-08-08
Red Hat
Webkitgtk: google chrome update [21-March-2012]2012-03-21

💬Community

1
Bugzilla
Webkitgtk: google chrome update [21-March-2012]2012-03-27