CVE-2011-0485

Google Chrome < 8.0.552.237 and Chrome OS < 8.0.552.344 - Remote Code Execution via Speech Data Handling

Title source: llm
STIX 2.1

Description

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."

References (8)

Core 8
Core References
Broken Link vdb-entry x_refsource_osvdb
http://osvdb.org/70468
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45788
Third Party Advisory x_refsource_confirm
http://www.srware.net/forum/viewtopic.php?f=18&t=2054
Permissions Required x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=68666
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42951
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64676

Scores

EPSS 0.0339
EPSS Percentile 87.4%

Details

CWE
CWE-20
Status published
Products (2)
google/chrome < 8.0.552.237
google/chrome_os < 8.0.552.344
Published Jan 14, 2011
Tracked Since Feb 18, 2026