FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3887

This CVE name corresponds to:

Entered Topic
2010-12-07 chromium -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2011-3887
Phase Assigned(20111001)

Description

Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote attackers to bypass intended access restrictions and read cookies via unspecified vectors.

References

Source Reference
CONFIRM http://code.google.com/p/chromium/issues/detail?id=98407
CONFIRM http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
APPLE APPLE-SA-2012-03-07-2
APPLE APPLE-SA-2012-03-12-1
OVAL oval:org.mitre.oval:def:13179
XF google-chrome-uri-sec-bypass(70965)