Launchpad.net

CVE 2011-2878

Google Chrome before 14.0.835.202 does not properly restrict access to the window prototype, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Related bugs and status

CVE-2011-2878 (Candidate) is related to these bugs:

Bug #819991: Update to 13.0.782.107

		In	Importance	Status
819991	Update to 13.0.782.107	chromium-browser (Ubuntu)	High	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Natty)	Medium	Fix Released
819991	Update to 13.0.782.107	chromium-browser (Ubuntu Oneiric)	High	Fix Released

Bug #834922: Update to 13.0.782.215

		In	Importance	Status
834922	Update to 13.0.782.215	chromium-browser (Ubuntu)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Lucid)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Maverick)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Oneiric)	Medium	Fix Released
834922	Update to 13.0.782.215	chromium-browser (Ubuntu Natty)	Undecided	Fix Released

Bug #858744: 13.0.782.215 -> 14.0.835.202

		In	Importance	Status
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Lucid)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Maverick)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Oneiric)	High	Fix Released
858744	13.0.782.215 -> 14.0.835.202	chromium-browser (Ubuntu Natty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-2878

Related bugs and status

Related bugs

References