CVE-2011-3956

Publication date 9 February 2012

Last updated 24 July 2024

Ubuntu priority

Description

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle sandboxed origins, which might allow remote attackers to bypass the Same Origin Policy via a crafted extension.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
chromium-browser	11.10 oneiric	Fixed 17.0.963.56~r121963-0ubuntu0.11.10.1
	11.04 natty	Fixed 17.0.963.56~r121963-0ubuntu0.11.04.1
	10.10 maverick	Fixed 17.0.963.56~r121963-0ubuntu0.10.10.1
	10.04 LTS lucid	Fixed 17.0.963.56~r121963-0ubuntu0.10.04.1
	8.04 LTS hardy	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html
https://www.cve.org/CVERecord?id=CVE-2011-3956

CVE-2011-3956

Description

Status

References

Other references

Access our resources on patching vulnerabilities