CVE-2011-3964Improper Input Validation in Google Chrome

CWE-20Improper Input Validation2 documents2 sources
Severity
5.8MEDIUMNVD
EPSS
0.2%
top 52.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Chrome
Timeline
PublishedFeb 9
Latest updateMay 13

Description

Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDgoogle/chrome< 17.0.963.46

🔴Vulnerability Details

1
GHSA
GHSA-m386-wf6q-7rqh: Google Chrome before 172022-05-13
CVE-2011-3964 — Improper Input Validation in Google | cvebase