CVE-2011-3067
Google Chrome < 18.0.1025.151 - Same Origin Policy Bypass via IFRAME Replacement
Title source: llmDescription
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.
References (14)
Core 14
Core References
Release Notes, Vendor Advisory x_refsource_confirm
http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026892
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15342
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5503
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52913
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48749
Exploit, Vendor Advisory x_refsource_confirm
http://code.google.com/p/chromium/issues/detail?id=117583
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48732
Mailing List, Third Party Advisory vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201204-03.xml
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/81037
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74627
Third Party Advisory x_refsource_confirm
http://support.apple.com/kb/HT5400
Scores
EPSS
0.0130
EPSS Percentile
66.7%
Details
CWE
CWE-346
Status
published
Products (3)
apple/iphone_os
< 6.0
apple/safari
< 6.0
google/chrome
< 18.0.1025.151
Published
Apr 05, 2012
Tracked Since
Feb 18, 2026