DEBIAN-CVE-2011-3640

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2011-3640

Downstream

DSA-2339-1

Published: 28 Oct 2011, 02:49

Last modified:28 Apr 2026, 20:07

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Oct 2011, 02:49

Published

Vulnerability first disclosed

28 Apr 2026, 20:07

Last Modified

Vulnerability information updated

Description

Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."

Affected Systems

debian•nss
< 3.13.1.with.ckbi.1.88-1 | < 3.13.1.with.ckbi.1.88-1 | < 3.13.1.with.ckbi.1.88-1 | < 3.13.1.with.ckbi.1.88-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2011-3640