Sign-up

ID

VAR-201105-0216


CVE

CVE-2011-1800


TITLE

Google Chrome of SVG Integer overflow vulnerability in filters

Trust: 0.8

sources: JVNDB: JVNDB-2011-004555

DESCRIPTION

Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome is prone to multiple remote integer-overflow vulnerabilities. Successful exploits will allow an attacker to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Google Chrome is a web browser developed by Google (Google)

Trust: 1.98

sources: NVD: CVE-2011-1800 // JVNDB: JVNDB-2011-004555 // BID: 47828 // VULHUB: VHN-49745

AFFECTED PRODUCTS

vendor:googlemodel:chromescope:ltversion:11.0.696.71

Trust: 1.0

vendor:googlemodel:chromescope:ltversion:11.0.696.68

Trust: 0.8

vendor:applemodel:webkitscope: - version: -

Trust: 0.8

vendor:googlemodel:chromescope:eqversion:3.0.195.25

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:3.0.195.2

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:5.0.324.0

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:3.0.195.36

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:1.0.154.59

Trust: 0.6

vendor:googlemodel:chromescope:eqversion:8.0.552.220

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.101

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.94

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.57

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.223

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.303

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.20

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.43

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.300

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.203

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.105

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.211

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.18

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.221

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.104

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.213

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.306

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.102

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.204

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.307

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.208

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.128

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.19

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.301

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.14

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.15

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.205

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.16

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.17

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.204

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.222

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.215

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.127

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.65

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.225

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.21

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.107

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.302

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.219

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.310

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.218

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.103

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.217

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.224

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.100

Trust: 0.3

vendor:googlemodel:chromescope:neversion:11.0.696.68

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.13

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.308

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.84

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.210

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.550.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.309

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.214

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.209

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.202

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.226

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.551.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.201

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.672.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.549.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.304

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.207

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.212

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.305

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.216

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.237

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.344

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.206

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.133

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.205

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:8.0.552.200

Trust: 0.3

sources: BID: 47828 // JVNDB: JVNDB-2011-004555 // CNNVD: CNNVD-201105-190 // NVD: CVE-2011-1800

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-1800
value: HIGH

Trust: 1.0

NVD: CVE-2011-1800
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201105-190
value: MEDIUM

Trust: 0.6

VULHUB: VHN-49745
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2011-1800
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2011-1800
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-49745
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-49745 // JVNDB: JVNDB-2011-004555 // CNNVD: CNNVD-201105-190 // NVD: CVE-2011-1800

PROBLEMTYPE DATA

problemtype:CWE-190

Trust: 1.1

problemtype:CWE-189

Trust: 0.9

sources: VULHUB: VHN-49745 // JVNDB: JVNDB-2011-004555 // NVD: CVE-2011-1800

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201105-190

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201105-190

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-004555

PATCH
title:85996url:http://trac.webkit.org/changeset/85996
Trust: 0.8
title:Stable Channel Updateurl:http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html
Trust: 0.8
title:WebKit WebCore SVG Filters Fixes for multiple integer overflow vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=119450
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2011-004555 // 
            
            
            
            CNNVD: CNNVD-201105-190

EXTERNAL IDS
db:NVDid:CVE-2011-1800
Trust: 2.8
db:JVNDBid:JVNDB-2011-004555
Trust: 0.8
db:CNNVDid:CNNVD-201105-190
Trust: 0.7
db:BIDid:47828
Trust: 0.4
db:VULHUBid:VHN-49745
Trust: 0.1
sources:
            
            
            VULHUB: VHN-49745 // 
            
            
            
            BID: 47828 // 
            
            
            
            JVNDB: JVNDB-2011-004555 // 
            
            
            
            CNNVD: CNNVD-201105-190 // 
            
            
            
            NVD: CVE-2011-1800

REFERENCES
url:http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html
Trust: 2.0
url:http://code.google.com/p/chromium/issues/detail?id=80608
Trust: 1.7
url:http://codereview.chromium.org/6949013
Trust: 1.7
url:http://trac.webkit.org/changeset/85996
Trust: 1.7
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14187
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1800
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1800
Trust: 0.8
url:http://www.google.com/chrome
Trust: 0.3
sources:
            
            
            VULHUB: VHN-49745 // 
            
            
            
            BID: 47828 // 
            
            
            
            JVNDB: JVNDB-2011-004555 // 
            
            
            
            CNNVD: CNNVD-201105-190 // 
            
            
            
            NVD: CVE-2011-1800

CREDITS
Google Chrome Security Team (Cris Neckar)
Trust: 0.3
sources:
            
            
            BID: 47828

SOURCES
db:VULHUBid:VHN-49745
db:BIDid:47828
db:JVNDBid:JVNDB-2011-004555
db:CNNVDid:CNNVD-201105-190
db:NVDid:CVE-2011-1800

LAST UPDATE DATE
2025-04-11T22:54:01.668000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-49745date:2020-05-22T00:00:00
db:BIDid:47828date:2015-03-19T08:41:00
db:JVNDBid:JVNDB-2011-004555date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201105-190date:2021-07-12T00:00:00
db:NVDid:CVE-2011-1800date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-49745date:2011-05-16T00:00:00
db:BIDid:47828date:2011-05-12T00:00:00
db:JVNDBid:JVNDB-2011-004555date:2012-03-27T00:00:00
db:CNNVDid:CNNVD-201105-190date:2011-05-17T00:00:00
db:NVDid:CVE-2011-1800date:2011-05-16T17:55:04.183