CVE-2011-3037

Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Weakness

The product does not correctly convert an object, resource, or structure from one type to a different type.

Affected Software

References

• http://code.google.com/p/chromium/issues/detail?id=113439
• http://code.google.com/p/chromium/issues/detail?id=114924
• http://code.google.com/p/chromium/issues/detail?id=115028
• http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html
• http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
• http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html
• http://osvdb.org/79796
• http://secunia.com/advisories/48265
• http://secunia.com/advisories/48419
• http://secunia.com/advisories/48527
• http://security.gentoo.org/glsa/glsa-201203-19.xml
• http://support.apple.com/kb/HT5400
• http://support.apple.com/kb/HT5485
• http://support.apple.com/kb/HT5503
• http://www.securityfocus.com/bid/52271
• http://www.securitytracker.com/id?1026759
• https://exchange.xforce.ibmcloud.com/vulnerabilities/73648
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14397