CVE-2011-3106Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Chrome

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer2 documents2 sources
Severity
10.0CRITICALNVD
EPSS
7.3%
top 8.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedMay 24
Latest updateMay 17

Description

The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDgoogle/chrome19.0.1084.51+131

🔴Vulnerability Details

1
GHSA
GHSA-7vch-f9q4-p3fv: The WebSockets implementation in Google Chrome before 192022-05-17
CVE-2011-3106 — Google Chrome vulnerability | cvebase