FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3881

This CVE name corresponds to:

Entered	Topic
2010-12-07	chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-3881 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2011-3881
Phase	Assigned(20111001)

Description

WebKit, as used in Google Chrome before 15.0.874.102 and Android before 4.4, allows remote attackers to bypass the Same Origin Policy and conduct Universal XSS (UXSS) attacks via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function.

References

Source	Reference
MISC	http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html
CONFIRM	http://code.google.com/p/chromium/issues/detail?id=96047
CONFIRM	http://code.google.com/p/chromium/issues/detail?id=96885
CONFIRM	http://code.google.com/p/chromium/issues/detail?id=98053
CONFIRM	http://code.google.com/p/chromium/issues/detail?id=99512
CONFIRM	http://code.google.com/p/chromium/issues/detail?id=99750
CONFIRM	http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
CONFIRM	https://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef
APPLE	APPLE-SA-2012-03-07-2
APPLE	APPLE-SA-2012-03-12-1
OVAL	oval:org.mitre.oval:def:12940
XF	google-chrome-security-bypass(70959)