CVE-2011-2786

Published: Aug 3, 2011Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element.

Affected (1)

Products: Google: Chrome

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Chrome	Before 13.0.782.107

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://code.google.com/p/chromium/issues/detail?id=84600

Source: chrome-cve-admin@google.com

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Source: chrome-cve-admin@google.com

http://osvdb.org/74236

Source: chrome-cve-admin@google.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/68948

Source: chrome-cve-admin@google.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14331

Source: chrome-cve-admin@google.com

http://code.google.com/p/chromium/issues/detail?id=84600

Source: af854a3a-2127-422b-91ae-364da2661108

http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/74236

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/68948

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14331

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.