Search for vulnerabilities
| Vulnerability ID | VCID-8ayq-ktgc-bbdt |
| Aliases |
CVE-2011-1202
|
| Summary | Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. |
| Status | Published |
| Exploitability | 0.5 |
| Weighted Severity | 2.7 |
| Risk | 1.4 |
| Affected and Fixed Packages | Package Details |
| There are no known CWE. |
| Reference id | Reference type | URL |
|---|---|---|
| https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1202.json | ||
| https://api.first.org/data/v1/epss?cve=CVE-2011-1202 | ||
| 617413 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617413 | |
| 684386 | https://bugzilla.redhat.com/show_bug.cgi?id=684386 | |
| CVE-2011-1202 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1202 | |
| mfsa2011-18 | https://www.mozilla.org/en-US/security/advisories/mfsa2011-18 | |
| RHSA-2011:0471 | https://access.redhat.com/errata/RHSA-2011:0471 | |
| RHSA-2012:1265 | https://access.redhat.com/errata/RHSA-2012:1265 | |
| USN-1112-1 | https://usn.ubuntu.com/1112-1/ | |
| USN-1121-1 | https://usn.ubuntu.com/1121-1/ | |
| USN-1122-1 | https://usn.ubuntu.com/1122-1/ | |
| USN-1122-2 | https://usn.ubuntu.com/1122-2/ | |
| USN-1123-1 | https://usn.ubuntu.com/1123-1/ | |
| USN-1595-1 | https://usn.ubuntu.com/1595-1/ |
| Percentile | 0.65959 |
| EPSS Score | 0.00524 |
| Published At | Aug. 16, 2025, 12:55 p.m. |
| Date | Actor | Action | Source | VulnerableCode Version |
|---|---|---|---|---|
| 2025-07-31T08:10:50.084904+00:00 | Mozilla Importer | Import | https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2011/mfsa2011-18.md | 37.0.0 |