Out-of-bounds Read in webkit | CVE-2011-3060

Threat Intelligence

0.59% (79^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-UBUNTU1210-WEBKIT-652048
published30 Mar 2012
disclosed30 Mar 2012

Report a new vulnerability Found a mistake?

Introduced: 30 Mar 2012

CVE-2011-3060 (opens in a new tab) CWE-125 (opens in a new tab)

Amendment

The Ubuntu security team deemed this advisory irrelevant for Ubuntu:12.10.

NVD Description

Note: Versions mentioned in the description apply only to the upstream webkit package and not the webkit package as distributed by Ubuntu.

Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

References

http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-3060
http://support.apple.com/kb/HT5400
http://support.apple.com/kb/HT5485
http://support.apple.com/kb/HT5503
http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
http://code.google.com/p/chromium/issues/detail?id=114056
https://security-tracker.debian.org/tracker/CVE-2011-3060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15364
http://secunia.com/advisories/48618
http://secunia.com/advisories/48691
http://secunia.com/advisories/48763
http://www.securityfocus.com/bid/52762
http://www.securitytracker.com/id?1026877
https://exchange.xforce.ibmcloud.com/vulnerabilities/74410

Out-of-bounds Read The advisory has been revoked - it doesn't affect any version of package webkit (opens in a new tab)