Vulnerabilities > CVE-2011-3034 - USE After Free vulnerability in Google Chrome

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.

Vulnerable Configurations

Part Description Count
Application
Google
2028
Application
Apple
277
OS
Opensuse
1
OS
Apple
100

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_99AEF69866ED11E1828800262D5ED8EE.NASL
    descriptionGoogle Chrome Releases reports : [105867] High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. [108037] High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. [108406] [115471] High CVE-2011-3033: Buffer overflow in the Skia drawing library. Credit to Aki Helin of OUSPG. [111748] High CVE-2011-3034: Use-after-free in SVG document handling. Credit to Arthur Gerkis. [112212] High CVE-2011-3035: Use-after-free in SVG use handling. Credit to Arthur Gerkis. [113258] High CVE-2011-3036: Bad cast in line box handling. Credit to miaubiz. [113439] [114924] [115028] High CVE-2011-3037: Bad casts in anonymous block splitting. Credit to miaubiz. [113497] High CVE-2011-3038: Use-after-free in multi-column handling. Credit to miaubiz. [113707] High CVE-2011-3039: Use-after-free in quote handling. Credit to miaubiz. [114054] High CVE-2011-3040: Out-of-bounds read in text handling. Credit to miaubiz. [114068] High CVE-2011-3041: Use-after-free in class attribute handling. Credit to miaubiz. [114219] High CVE-2011-3042: Use-after-free in table section handling. Credit to miaubiz. [115681] High CVE-2011-3043: Use-after-free in flexbox with floats. Credit to miaubiz. [116093] High CVE-2011-3044: Use-after-free with SVG animation elements. Credit to Arthur Gerkis.
    last seen2020-06-01
    modified2020-06-02
    plugin id58210
    published2012-03-06
    reporterThis script is Copyright (C) 2012-2013 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58210
    titleFreeBSD : chromium -- multiple vulnerabilities (99aef698-66ed-11e1-8288-00262d5ed8ee)
  • NASL familyWindows
    NASL idITUNES_10_7.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is older than 10.7 and is, therefore, affected by multiple memory corruption vulnerabilities in WebKit.
    last seen2020-06-01
    modified2020-06-02
    plugin id62077
    published2012-09-13
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62077
    titleApple iTunes < 10.7 Multiple Vulnerabilities (credentialed check)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2012-165.NASL
    descriptionChanges in chromium : - Update to 19.0.1066 - Fixed Chrome install/update resets Google search preferences (Issue: 105390) - Don
    last seen2020-06-05
    modified2014-06-13
    plugin id74570
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74570
    titleopenSUSE Security Update : chromium / v8 (openSUSE-SU-2012:0374-1)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SAFARI6_0.NASL
    descriptionThe version of Apple Safari installed on the remote Mac OS X host is earlier than 6.0. It is, therefore, potentially affected by several issues : - An unspecified cross-site scripting issue exists. (CVE-2012-0678) - An error in the handling of
    last seen2020-06-01
    modified2020-06-02
    plugin id60127
    published2012-07-26
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60127
    titleMac OS X : Apple Safari < 6.0 Multiple Vulnerabilities
  • NASL familyWindows
    NASL idGOOGLE_CHROME_17_0_963_65.NASL
    descriptionThe version of Google Chrome installed on the remote host is earlier than 17.0.963.65 and is, therefore, affected by the following vulnerabilities: - Use-after-free errors exist related to
    last seen2020-06-01
    modified2020-06-02
    plugin id58206
    published2012-03-05
    reporterThis script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/58206
    titleGoogle Chrome < 17.0.963.65 Multiple Vulnerabilities
  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_10_7_BANNER.NASL
    descriptionThe version of Apple iTunes on the remote host is prior to version 10.7. It is, therefore, affected by multiple memory corruption vulnerabilities in the WebKit component.
    last seen2020-06-01
    modified2020-06-02
    plugin id62078
    published2012-09-13
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/62078
    titleApple iTunes < 10.7 Multiple Vulnerabilities (uncredentialed check)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201203-19.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201203-19 (Chromium: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, Universal Cross-Site Scripting, or installation of an extension without user interaction. A remote attacker could also entice a user to install a specially crafted extension that would interfere with browser-issued web requests. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id59611
    published2012-06-21
    reporterThis script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/59611
    titleGLSA-201203-19 : Chromium: Multiple vulnerabilities

Oval

accepted2013-08-12T04:06:47.895-04:00
classvulnerability
contributors
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameShane Shaffer
    organizationG2, Inc.
  • nameMaria Kedovskaya
    organizationALTX-SOFT
definition_extensions
commentGoogle Chrome is installed
ovaloval:org.mitre.oval:def:11914
descriptionUse-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving an SVG document.
familywindows
idoval:org.mitre.oval:def:14839
statusaccepted
submitted2012-03-07T08:34:33.178-04:00
titleUse-after-free vulnerability in Google Chrome before 17.0.963.65 via vectors involving an SVG document
version45

Seebug

bulletinFamilyexploit
descriptionCVE-2011-3031 CVE-2011-3032 CVE-2011-3033 CVE-2011-3034 CVE-2011-3035 CVE-2011-3036 CVE-2011-3037 CVE-2011-3038 CVE-2011-3039 CVE-2011-3040 CVE-2011-3041 CVE-2011-3042 CVE-2011-3043 CVE-2011-3044 Google Chrome是一款开源的WEB浏览器。 Google Chrome存在多个安全漏洞,允许恶意用户利用漏洞进行跨站脚本,绕过安全限制,执行任意代码等攻击。 1)v8 element wrapper处理存在释放后使用错误。 2)SVG值处理存在释放后使用错误。 3)Skia绘图库存在缓冲区溢出。 4)SVG文档处理存在释放后使用错误。 5)SVG使用处理存在释放后使用错误。 6)line-box处理存在类型转换错误。 7)匿名块分拆(anonymous block splitting)存在类型转换错误。 8)多列处理存在释放后使用错误。 9)quote处理存在释放后使用错误。 10)文本处理存在越界读错误。 11)类属性处理存在释放后使用错误。 12)表单选择处理存在释放后使用错误。 13)flexbox浮点处理存在释放后使用错误。 14)SVG动画元素处理存在释放后使用错误。 15)应用程序捆绑了存在漏洞的Adobe Flash player版本 0 Google Chrome 17.0.963.65之前版本 厂商解决方案 Google Chrome 17.0.963.65已经修复此漏洞,建议用户下载使用: http://googlechromereleases.blogspot.com/
idSSV:30172
last seen2017-11-19
modified2012-03-06
published2012-03-06
reporterRoot
titleGoogle Chrome 17.0.963.65之前版本存在多个安全漏洞