CVE-2011-3054:The WebUI privilege implementation in Google Chrome before 17.0.963.83 allows remote attackers to bypass access restrictions.

splash
Back

Description Preview

The WebUI privilege implementation in Google Chrome before version 17.0.963.83 does not properly isolate privileges, enabling remote attackers to circumvent intended access restrictions through unspecified vectors.

Overview

This vulnerability in Google Chrome's WebUI privilege implementation allows remote attackers to bypass access restrictions. It was first made public on March 21, 2012.

Remediation

To remediate this vulnerability, users are advised to update their Google Chrome browser to version 17.0.963.83 or later. This update includes the necessary fixes to properly isolate privileges and prevent remote attackers from bypassing access restrictions.

References

  1. Oval:org.mitre.oval:def:15028 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15028
  2. OSVDB-80292 - http://osvdb.org/80292
  3. Secunia Advisory 48527 - http://secunia.com/advisories/48527
  4. openSUSE-SU-2012:0466 - http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html
  5. Google Chrome Releases Blog - http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html
  6. SecurityTracker 1026841 - http://www.securitytracker.com/id?1026841
  7. IBM X-Force Vulnerability 74214 - https://exchange.xforce.ibmcloud.com/vulnerabilities/74214
  8. SecurityFocus BID 52674 - http://www.securityfocus.com/bid/52674
  9. Gentoo GLSA-201203-19 - http://security.gentoo.org/glsa/glsa-201203-19.xml
  10. Secunia Advisory 48512 - http://secunia.com/advisories/48512

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Health Care & Social Assistance
    Health Care & Social Assistance
  2. Manufacturing
    Manufacturing
  3. Educational Services
    Educational Services
  4. Public Administration
    Public Administration
  5. Transportation & Warehousing
    Transportation & Warehousing
  6. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  7. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  8. Other Services (except Public Administration)
    Other Services (except Public Administration)
  9. Finance and Insurance
    Finance and Insurance
  10. Management of Companies & Enterprises
    Management of Companies & Enterprises
  11. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  12. Retail Trade
    Retail Trade
  13. Utilities
    Utilities
  14. Construction
    Construction
  15. Mining
    Mining
  16. Wholesale Trade
    Wholesale Trade
  17. Accommodation & Food Services
    Accommodation & Food Services
  18. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  19. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  20. Information
    Information

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background