Cross-site scripting in Google Chrome

#VU31667 Cross-site scripting in Google Chrome

Cybersecurity Help s.r.o.

Published: 2011-10-25 | Updated: 2020-07-19

Vulnerability identifier: #VU31667

Vulnerability risk: Low

CVSSv3.1: N/A

CVE-ID: CVE-2011-3881

CWE-ID: CWE-79

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Google Chrome
Client/Desktop applications / Web browsers

Vendor: Google

Description

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via vectors related to (1) the DOMWindow::clear function and use of a selection object, (2) the Object::GetRealNamedPropertyInPrototypeChain function and use of an __proto__ property, (3) the HTMLPlugInImageElement::allowedToLoadFrameURL function and use of a javascript: URL, (4) incorrect origins for XSLT-generated documents in the XSLTProcessor::createDocumentFromSource function, and (5) improper handling of synchronous frame loads in the ScriptController::executeIfJavaScriptURL function. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Update to version 15.0.874.102.

Vulnerable software versions

Google Chrome: 15.0.874.0 - 15.0.874.101

External links
http://code.google.com/p/chromium/issues/detail?id=96047
http://code.google.com/p/chromium/issues/detail?id=96885
http://code.google.com/p/chromium/issues/detail?id=98053
http://code.google.com/p/chromium/issues/detail?id=99512
http://code.google.com/p/chromium/issues/detail?id=99750
http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
http://secunia.com/advisories/48288
http://secunia.com/advisories/48377
http://www.rafayhackingarticles.net/2014/10/a-tale-of-another-sop-bypass-in-android.html
http://www.securitytracker.com/id?1026774
http://android.googlesource.com/platform/external/webkit/+/109d59bf6fe4abfd001fc60ddd403f1046b117ef
http://exchange.xforce.ibmcloud.com/vulnerabilities/70959
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12940

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability

Multiple vulnerabilities in Techland Chrome