CVE-2011-2783

Published: Aug 3, 2011Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 13.0.782.107

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://code.google.com/p/chromium/issues/detail?id=83273

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Source: chrome-cve-admin@google.com

http://osvdb.org/74233

Source: chrome-cve-admin@google.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/68945

Source: chrome-cve-admin@google.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14406

Source: chrome-cve-admin@google.com

http://code.google.com/p/chromium/issues/detail?id=83273

Source: af854a3a-2127-422b-91ae-364da2661108

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/74233

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/68945

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14406

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.