CVE Vulnerabilities

CVE-2011-3072

Origin Validation Error

Published: Apr 05, 2012 | Modified: Apr 14, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to pop-up windows.

Weakness

The product does not properly verify that the source of data or communication is valid.

Affected Software

Name Vendor Start Version End Version
Chrome Google * 18.0.1025.151 (excluding)
Chromium-browser Ubuntu devel *
Chromium-browser Ubuntu lucid *
Chromium-browser Ubuntu maverick *
Chromium-browser Ubuntu natty *
Chromium-browser Ubuntu oneiric *
Chromium-browser Ubuntu precise *
Chromium-browser Ubuntu upstream *

References