CVE-2011-3054
Google Chrome < 17.0.963.83 - Privilege Escalation via WebUI Isolation Bypass
Title source: llmDescription
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
References (11)
Core 11
Core References
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15028
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/80292
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48527
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026841
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74214
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52674
Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=117418
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201203-19.xml
Not Applicable third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48512
Scores
EPSS
0.0182
EPSS Percentile
76.0%
Details
CWE
CWE-269
Status
published
Products (2)
google/chrome
< 17.0.963.83
opensuse/opensuse
12.1
Published
Mar 22, 2012
Tracked Since
Feb 18, 2026