CVE-2011-3079 — Improper Authentication in Mozilla Firefox
Severity
10.0CRITICALNVD
EPSS
0.4%
top 36.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 1
Latest updateMay 14
Description
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
CVSS vector
AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0
Affected Packages12 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.6
🔴Vulnerability Details
5GHSA▶
GHSA-493h-4p68-8587: The Inter-process Communication (IPC) implementation in Google Chrome before 18↗2022-05-14
GHSA▶
GHSA-5g4g-56fq-mvwf: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and↗2022-05-13
OSV▶
CVE-2018-18505: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and↗2019-02-05
CVEList▶
CVE-2018-18505: An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and↗2019-02-05
CVEList▶
CVE-2011-3079: The Inter-process Communication (IPC) implementation in Google Chrome before 18↗2012-05-01