CVE-2011-3085Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
1.5%
top 19.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedMay 16
Latest updateMay 14

Description

The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDgoogle/chrome19.0.1084.45

🔴Vulnerability Details

1
GHSA
GHSA-x867-987h-hqwj: The Autofill feature in Google Chrome before 192022-05-14
CVE-2011-3085 — Google Chrome vulnerability | cvebase