CVE-2011-2785

high

Description

The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298

https://exchange.xforce.ibmcloud.com/vulnerabilities/68947

http://osvdb.org/74235

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

http://code.google.com/p/chromium/issues/detail?id=84402

Details

Source: Mitre, NVD

Published: 2011-08-03

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics