CVE-2011-1187 - Vulnerability Details - OpenCVE

Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Chrome
Mozilla	Firefox Seamonkey Thunderbird

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

No data.

References

Link	Providers
http://code.google.com/p/chromium/issues/detail?id=69187
http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html
http://secunia.com/advisories/48972
http://secunia.com/advisories/49047
http://secunia.com/advisories/49055
http://www.mozilla.org/security/announce/2012/mfsa2012-32.html
http://www.securityfocus.com/bid/46785
http://www.vupen.com/english/advisories/2011/0628
https://bugzilla.mozilla.org/show_bug.cgi?id=624621
https://exchange.xforce.ibmcloud.com/vulnerabilities/65951
https://nvd.nist.gov/vuln/detail/CVE-2011-1187
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369
https://www.cve.org/CVERecord?id=CVE-2011-1187

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-03-11T01:00:00

Updated: 2024-08-06T22:21:33.496Z

Reserved: 2011-03-03T00:00:00

Link: CVE-2011-1187

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-03-11T02:01:18.700

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-1187

Redhat

Severity :

Publid Date: 2012-04-24T00:00:00Z

Links: CVE-2011-1187 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-08T00:00:00", "descriptions": [{"lang": "en", "value": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "46785", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46785"}, {"name": "google-unspecified-info-disc(65951)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"}, {"name": "49055", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49055"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html"}, {"name": "48972", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48972"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621"}, {"name": "49047", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49047"}, {"name": "oval:org.mitre.oval:def:14369", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/chromium/issues/detail?id=69187"}, {"name": "ADV-2011-0628", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0628"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-1187", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46785", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46785"}, {"name": "google-unspecified-info-disc(65951)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951"}, {"name": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"}, {"name": "49055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49055"}, {"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html"}, {"name": "48972", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48972"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621"}, {"name": "49047", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49047"}, {"name": "oval:org.mitre.oval:def:14369", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369"}, {"name": "http://code.google.com/p/chromium/issues/detail?id=69187", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=69187"}, {"name": "ADV-2011-0628", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0628"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:21:33.496Z"}, "title": "CVE Program Container", "references": [{"name": "46785", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46785"}, {"name": "google-unspecified-info-disc(65951)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"}, {"name": "49055", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49055"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html"}, {"name": "48972", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48972"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621"}, {"name": "49047", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49047"}, {"name": "oval:org.mitre.oval:def:14369", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.google.com/p/chromium/issues/detail?id=69187"}, {"name": "ADV-2011-0628", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0628"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-1187", "datePublished": "2011-03-11T01:00:00", "dateReserved": "2011-03-03T00:00:00", "dateUpdated": "2024-08-06T22:21:33.496Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7AD8B5C-C973-4445-B111-716D9814CE79", "versionEndExcluding": "10.0.648.127", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5BD15C4-E072-4A61-A8E3-661C7CDDA61F", "versionEndExcluding": "12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "matchCriteriaId": "13ADB6A6-FE71-4405-8BAC-2F3472147F5E", "versionEndExcluding": "2.9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B63D732-FEBC-4CCC-9E45-3DA074AF8E2C", "versionEndExcluding": "12.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\""}, {"lang": "es", "value": "Google Chrome en versiones anteriores a la 10.0.648.127 permite a atacantes remotos evitar la pol\u00edtica de mismo origen (\"Same Origin Policy\") a trav\u00e9s de vectores sin especificar. Relacionado con un \"error message leak\"."}], "id": "CVE-2011-1187", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-03-11T02:01:18.700", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "http://code.google.com/p/chromium/issues/detail?id=69187"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/48972"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/49047"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/49055"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46785"}, {"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2011/0628"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "http://code.google.com/p/chromium/issues/detail?id=69187"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/48972"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/49047"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/49055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/46785"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2011/0628"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}