CVE-2011-3079
First published: Tue May 01 2012(Updated: )
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| Thunderbird | <=31.6 | |
| Mozilla SeaMonkey | <=2.33.0 | |
| Thunderbird | <=38.0 | |
| Firefox ESR | <=31.6 | |
| Google Chrome | <=18.0.1025.166 | |
| Firefox | <=37.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://code.google.com/p/chromium/issues/detail?id=117627
- http://googlechromereleases.blogspot.com/2012/04/stable-channel-update_30.html
- http://www.mozilla.org/security/announce/2015/mfsa2015-57.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1087565
- http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
- https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7
- http://www.debian.org/security/2015/dsa-3260
- http://rhn.redhat.com/errata/RHSA-2015-1012.html
- http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14964
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75271
- http://www.securitytracker.com/id?1027001
- http://www.securityfocus.com/bid/53309
- http://secunia.com/advisories/48992
- http://osvdb.org/81645
Frequently Asked Questions
What is the severity of CVE-2011-3079?
CVE-2011-3079 is classified with unspecified severity, as it impacts inter-process communication in several browsers.
How do I fix CVE-2011-3079?
To fix CVE-2011-3079, update Google Chrome to version 18.0.1025.168 or later, and update affected Mozilla products to their respective fixed versions.
Which versions of Chrome are affected by CVE-2011-3079?
CVE-2011-3079 affects Google Chrome versions prior to 18.0.1025.168.
Which versions of Firefox are vulnerable to CVE-2011-3079?
CVE-2011-3079 affects Mozilla Firefox versions up to 37.0.2.
Is CVE-2011-3079 related to other applications?
Yes, CVE-2011-3079 also impacts Mozilla SeaMonkey, Thunderbird, and Firefox ESR prior to specific versions.
- agent/references
- agent/type
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/opensuse
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/mozilla
- canonical/thunderbird
- version/thunderbird/31.6
- canonical/mozilla seamonkey
- version/mozilla seamonkey/2.33.0
- version/thunderbird/38.0
- canonical/firefox esr
- version/firefox esr/31.6
- vendor/google
- canonical/google chrome
- version/google chrome/18.0.1025.166
- canonical/firefox
- version/firefox/37.0.2