CVE-2011-2800 - Vulnerability Details - OpenCVE

Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple	Iphone Os Safari
Debian	Debian Linux
Google	Chrome

Configuration 1 [-]

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:iphone_os::::::::

Configuration 3 [-]

OR	cpe:2.3:o:debian:debian_linux:6.0:::::::*
	cpe:2.3:o:debian:debian_linux:7.0:::::::*

No data.

References

Link	Providers
http://code.google.com/p/chromium/issues/detail?id=88337
http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
http://osvdb.org/74251
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5000
http://www.debian.org/security/2011/dsa-2307
https://exchange.xforce.ibmcloud.com/vulnerabilities/68962
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711

History

No history.

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2011-08-03T00:00:00

Updated: 2024-08-06T23:15:30.941Z

Reserved: 2011-07-20T00:00:00

Link: CVE-2011-2800

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-08-03T00:55:02.333

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-2800

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-08-02T00:00:00", "descriptions": [{"lang": "en", "value": "Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"}, {"name": "DSA-2307", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2307"}, {"name": "APPLE-SA-2011-10-12-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "APPLE-SA-2011-10-12-4", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"}, {"name": "oval:org.mitre.oval:def:14711", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711"}, {"name": "74251", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/74251"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4999"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/chromium/issues/detail?id=88337"}, {"name": "google-chrome-redirect-info-disc(68962)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68962"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT5000"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2011-2800", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"}, {"name": "DSA-2307", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2307"}, {"name": "APPLE-SA-2011-10-12-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "APPLE-SA-2011-10-12-4", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"}, {"name": "oval:org.mitre.oval:def:14711", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711"}, {"name": "74251", "refsource": "OSVDB", "url": "http://osvdb.org/74251"}, {"name": "http://support.apple.com/kb/HT4999", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4999"}, {"name": "http://code.google.com/p/chromium/issues/detail?id=88337", "refsource": "CONFIRM", "url": "http://code.google.com/p/chromium/issues/detail?id=88337"}, {"name": "google-chrome-redirect-info-disc(68962)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68962"}, {"name": "http://support.apple.com/kb/HT5000", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5000"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:15:30.941Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"}, {"name": "DSA-2307", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2307"}, {"name": "APPLE-SA-2011-10-12-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "APPLE-SA-2011-10-12-4", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"}, {"name": "oval:org.mitre.oval:def:14711", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711"}, {"name": "74251", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/74251"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4999"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://code.google.com/p/chromium/issues/detail?id=88337"}, {"name": "google-chrome-redirect-info-disc(68962)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68962"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT5000"}]}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2011-2800", "datePublished": "2011-08-03T00:00:00", "dateReserved": "2011-07-20T00:00:00", "dateUpdated": "2024-08-06T23:15:30.941Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0449DAC-673D-4A39-8DD6-F533629AF1A4", "versionEndExcluding": "13.0.782.107", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5BF38A2-21DC-49F5-AA4B-2AD1596570B6", "versionEndExcluding": "5.1.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA5FD370-334D-48C5-946C-ADB9C5D7FCDF", "versionEndExcluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site."}, {"lang": "es", "value": "Google Chrome anterior a v13.0.782.107 permite a atacantes remotos obtener informaci\u00f3n sensible sobre los destinos redirigidos, desde el lado del cliente a trav\u00e9s de un sitio web manipulado."}], "id": "CVE-2011-2800", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-08-03T00:55:02.333", "references": [{"source": "chrome-cve-admin@google.com", "url": "http://code.google.com/p/chromium/issues/detail?id=88337"}, {"source": "chrome-cve-admin@google.com", "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"}, {"source": "chrome-cve-admin@google.com", "url": "http://osvdb.org/74251"}, {"source": "chrome-cve-admin@google.com", "url": "http://support.apple.com/kb/HT4999"}, {"source": "chrome-cve-admin@google.com", "url": "http://support.apple.com/kb/HT5000"}, {"source": "chrome-cve-admin@google.com", "url": "http://www.debian.org/security/2011/dsa-2307"}, {"source": "chrome-cve-admin@google.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68962"}, {"source": "chrome-cve-admin@google.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://code.google.com/p/chromium/issues/detail?id=88337"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/74251"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5000"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2307"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68962"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14711"}], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}