CVE-2011-3079

Description

The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.

CVSS Metrics

• v2.0•HIGH•Score: 10AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.33%• Percentile: 56%

Techniques & Countermeasures

• CWE-399•Resource Management Errors

  Weaknesses in this category are related to improper management of system resources.

Affected Systems

• google•chrome

  ≤ 18.0.1025.166

• Unknown•Firefox

  ≤ 31.6 | ≤ 37.0.2

• mozilla•seamonkey

  ≤ 2.33.0

• mozilla•thunderbird

  ≤ 31.6 | ≤ 38.0

• opensuse•opensuse

  13.1 | 13.2

References (16)

• https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
• http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
• http://secunia.com/advisories/48992
• http://www.securitytracker.com/id?1027001
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
• http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
• http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
• https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
• http://osvdb.org/81645
• http://www.debian.org/security/2015/dsa-3260
• http://code.google.com/p/chromium/issues/detail?id=117627
• http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
• http://rhn.redhat.com/errata/RHSA-2015-1012.html
• http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
• http://www.securityfocus.com/bid/53309
• https://exchange.xforce.ibmcloud.com/vulnerabilities/75271