CVE-2011-1459

MEDIUM

Blink < M11 - Denial of Service via WebPluginContainerImpl Event Handling

Title source: llm
STIX 2.1

Description

The WebKit::WebPluginContainerImpl::handleEvent function in Google Chrome before Blink M11 allows an attacker to cause a denial of service (crash) via the htmlpluginelement.cpp plugin.

References (3)

Core 3
Core References
Exploit, Mailing List, Vendor Advisory x_refsource_misc
https://bugs.chromium.org/p/chromium/issues/detail?id=76474
Mailing List, Patch, Vendor Advisory x_refsource_misc
http://trac.webkit.org/changeset/81795
Mailing List, Patch, Vendor Advisory x_refsource_misc
http://trac.webkit.org/changeset/81891

Scores

CVSS v3 6.5
EPSS 0.0065
EPSS Percentile 46.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (1)
google/blink < m11
Published Nov 05, 2019
Tracked Since Feb 18, 2026