Search for vulnerabilities
Vulnerability details: VCID-7jb6-p8xj-aaar
Vulnerability ID VCID-7jb6-p8xj-aaar
Aliases CVE-2011-3062
Summary Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-682 Incorrect Calculation
CWE-193 Off-by-one Error
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2012:0515
rhas Critical https://access.redhat.com/errata/RHSA-2012:0516
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.00919 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02026 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.02392 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
epss 0.04902 https://api.first.org/data/v1/epss?cve=CVE-2011-3062
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=815042
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2011-3062
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2012-31
Reference id Reference type URL
http://code.google.com/p/chromium/issues/detail?id=116524
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://osvdb.org/80740
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3062.json
https://api.first.org/data/v1/epss?cve=CVE-2011-3062
https://bugzilla.mozilla.org/show_bug.cgi?id=739925
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://secunia.com/advisories/48972
http://secunia.com/advisories/49047
http://secunia.com/advisories/49055
https://exchange.xforce.ibmcloud.com/vulnerabilities/74412
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15488
http://www.mandriva.com/security/advisories?name=MDVSA-2012:066
http://www.mandriva.com/security/advisories?name=MDVSA-2012:081
http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
http://www.securitytracker.com/id?1026877
815042 https://bugzilla.redhat.com/show_bug.cgi?id=815042
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*
CVE-2011-3062 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3062
CVE-2011-3062 https://nvd.nist.gov/vuln/detail/CVE-2011-3062
GLSA-201203-24 https://security.gentoo.org/glsa/201203-24
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2012-31 https://www.mozilla.org/en-US/security/advisories/mfsa2012-31
RHSA-2012:0515 https://access.redhat.com/errata/RHSA-2012:0515
RHSA-2012:0516 https://access.redhat.com/errata/RHSA-2012:0516
USN-1430-1 https://usn.ubuntu.com/1430-1/
USN-1430-3 https://usn.ubuntu.com/1430-3/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-3062
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.82668
EPSS Score 0.00919
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.