FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3062

This CVE name corresponds to:

Entered Topic
2012-04-24 mozilla -- multiple vulnerabilities
2012-03-28 chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2011-3062
Phase Assigned(20110809)

Description

Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file.

References

Source Reference
CONFIRM http://code.google.com/p/chromium/issues/detail?id=116524
CONFIRM http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
CONFIRM http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=739925
OSVDB 80740
OVAL oval:org.mitre.oval:def:15488
SECTRACK 1026877
SECUNIA 48618
SECUNIA 48691
SECUNIA 48972
SECUNIA 49047
SECUNIA 49055
SECUNIA 48763
XF chrome-sanitizer-code-exec(74412)