CVE-2011-2808 Information

Feb 14, 2021 cve

Description

A stale layout root is set as an input element in WebKit in Google Chrome before Blink M13 when a child of a keygen with autofocus is accessed.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference

http://code.google.com/p/chromium/issues/detail?id=82063 http://trac.webkit.org/browser/trunk/Source/WebCore/rendering/RenderObject.h?rev=86705L1044 http://trac.webkit.org/changeset/86976 http://trac.webkit.org/changeset/90568 http://trac.webkit.org/changeset/90848 https://bugs.chromium.org/p/chromium/issues/detail?id=83672 https://bugs.webkit.org/show_bug.cgi?id=57091

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5

Share on: