CVE-2011-3079

The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.

Published: May 1, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-3079
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
opensuse / opensuse	13.1	13.1.x
opensuse / opensuse	13.2	13.2.x
mozilla / thunderbird	-	31.6.x
mozilla / seamonkey	-	2.33.0.x
mozilla / thunderbird	-	38.0.x
mozilla / firefox_esr	-	31.6.x
google / chrome	-	18.0.1025.166.x
mozilla / firefox	-	37.0.2.x

http://code.google.com/p/chromium/issues/detail?id=117627
http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
http://osvdb.org/81645
http://rhn.redhat.com/errata/RHSA-2015-1012.html
http://secunia.com/advisories/48992
http://www.debian.org/security/2015/dsa-3260
http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
http://www.securityfocus.com/bid/53309
http://www.securitytracker.com/id?1027001
https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7

Vulnerability Database

289,697

CVE-2011-3079