Integer Overflow in WebKit of Google Chrome on macOS
CVE-2011-1298

7.5HIGH

Key Information:

Vendor

Google
Status
Blink
Vendor
CVE Published:
6 November 2019

What is CVE-2011-1298?

An integer overflow vulnerability in the WebKit component of Google Chrome for macOS can lead to unexpected behavior in the WebCore::GraphicsContext::fillRect function. This security flaw allows attackers to exploit memory management flaws, potentially leading to arbitrary code execution or browser crashes. Users of vulnerable versions are encouraged to update their browsers to patch this vulnerability and maintain system integrity.

References

https://bugs.chromium.org/p/chromium/issues/detail?id=75155
x_refsource_MISC
http://trac.webkit.org/changeset/80579
x_refsource_MISC
http://trac.webkit.org/changeset/81431
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.