CVE-2011-3055

Published: Mar 22, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

48527

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:15033

vdb-entry

signature

x_refsource_OVAL

openSUSE-SU-2012:0466

vendor-advisory

x_refsource_SUSE

http://code.google.com/p/chromium/issues/detail?id=117736

x_refsource_CONFIRM

http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html

x_refsource_CONFIRM

1026841

vdb-entry

x_refsource_SECTRACK

52674

vdb-entry

x_refsource_BID

google-nativeui-weak-security(74215)

vdb-entry

x_refsource_XF

GLSA-201203-19

vendor-advisory

x_refsource_GENTOO

48512

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-3055

Description

Affected Products

References