CVE-2011-3895
Severity CVSS v4.0:
Pending analysis
Type:
CWE-787
Out-of-bounds Write
Publication date:
11/11/2011
Last modified:
11/04/2025
Description
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:* | 15.0.874.120 (excluding) | |
| cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://code.google.com/p/chromium/issues/detail?id=101458
- http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
- http://secunia.com/advisories/46933
- http://secunia.com/advisories/49089
- http://www.debian.org/security/2012/dsa-2471
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A074
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A075
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A076
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551
- http://code.google.com/p/chromium/issues/detail?id=101458
- http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
- http://secunia.com/advisories/46933
- http://secunia.com/advisories/49089
- http://www.debian.org/security/2012/dsa-2471
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A074
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A075
- http://www.mandriva.com/security/advisories?name=MDVSA-2012%3A076
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13551