CVE-2011-1295

Published: Mar 25, 2011Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.

Affected (3)

Products: Google: Chrome · Apple: Iphone Os, Safari

1 product

2 products

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 10.0.648.204

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 5.0
Apple Safari	Before 5.0.6

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (22)

http://code.google.com/p/chromium/issues/detail?id=74991

Source: cve@mitre.org

Permissions Required

http://googlechromereleases.blogspot.com/2011/03/stable-channel-update.html

Source: cve@mitre.org

Vendor Advisory

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://secunia.com/advisories/43859

Source: cve@mitre.org

Third Party Advisory

http://support.apple.com/kb/HT4808

Source: cve@mitre.org

Third Party Advisory

http://support.apple.com/kb/HT4999

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/47029

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2011/0765

Source: cve@mitre.org

Permissions Required

https://exchange.xforce.ibmcloud.com/vulnerabilities/66302

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14269

Source: cve@mitre.org

Third Party Advisory

http://code.google.com/p/chromium/issues/detail?id=74991

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

http://googlechromereleases.blogspot.com/2011/03/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://secunia.com/advisories/43859

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://support.apple.com/kb/HT4808

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://support.apple.com/kb/HT4999

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securityfocus.com/bid/47029

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2011/0765

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://exchange.xforce.ibmcloud.com/vulnerabilities/66302

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14269

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.