#VU33693 Untrusted search path - CVE-2011-3640

Cybersecurity Help s.r.o.

Published: 2011-10-28 | Updated: 2020-08-04

Vulnerability identifier: #VU33693

Vulnerability risk: Medium

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-3640

CWE-ID: CWE-426

Exploitation vector: Network

Exploit availability: No

Description

The vulnerability allows a remote #AU# to execute arbitrary code.

** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."

Mitigation
Install update from vendor's website.

External links
https://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html
https://code.google.com/p/chromium/issues/detail?id=97426
https://securityreason.com/securityalert/8483
https://bugzilla.mozilla.org/show_bug.cgi?id=641052
https://hermes.opensuse.org/messages/13154861
https://hermes.opensuse.org/messages/13155432
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Untrusted search path in nss (Alpine package)