Launchpad.net

CVE 2011-2795

Google Chrome before 13.0.782.107 does not prevent calls to functions in other frames, which allows remote attackers to bypass intended access restrictions via a crafted web site, related to a "cross-frame function leak."

Related bugs and status

CVE-2011-2795 (Candidate) is related to these bugs:

Bug #819991: Update to 13.0.782.107

		In	Importance	Status
819991	Update to 13.0.782.107	chromium-browser (Ubuntu)	High	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Natty)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Oneiric)	High	Fix Released

Bug #834922: Update to 13.0.782.215

		In	Importance	Status
834922	Update to 13.0.782.215	chromium-browser (Ubuntu)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Natty)	Undecided	Fix Released

Bug #858744: 13.0.782.215 -> 14.0.835.202

		In	Importance	Status
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Lucid)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Maverick)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Oneiric)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Natty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-2795

Related bugs and status

Related bugs

References