CVE-2011-2785

Google Chrome < 13.0.782.107 - Improper Input Validation in Extension Home Page URL

Title source: llm
STIX 2.1

Description

The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/68947
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/74235

Scores

EPSS 0.0102
EPSS Percentile 59.3%

Details

CWE
CWE-20
Status published
Products (1)
google/chrome < 13.0.782.107
Published Aug 03, 2011
Tracked Since Feb 18, 2026