CVE-2011-3105 — Use After Free in Google Chrome

CWE-399 CWE-416 — Use After Free8 documents4 sources

Severity

7.5HIGHNVD

EPSS

5.0%

top 10.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google Chrome

Timeline

PublishedMay 24

Latest updateMay 17

Description

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDgoogle/chrome19.0.1084.51+131

🔴Vulnerability Details

GHSA

GHSA-fqq3-69m6-g84r: Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19↗2022-05-17

▶

📋Vendor Advisories

Red Hat

Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)↗2012-06-05

▶

Red Hat

Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)↗2012-06-05

▶

Red Hat

webkitgtk: Use-after-free in first-letter handling↗2012-05-23

▶

💬Community

Bugzilla

CVE-2011-3105 webkitgtk: Use-after-free in first-letter handling↗2012-05-29

▶

Bugzilla

Webkitgtk: google chrome update [23-May-2012]↗2012-05-29

▶