CVE-2011-2874

Google Chrome before 14.0.835.163 does not perform an expected pin operation for a self-signed certificate during a session, which has unspecified impact and remote attack vectors.

🔗 References (10)

• chrome-cve-admin@googlehttp://code.google.com/p/chromium/issues/detail?id=95917
• chrome-cve-admin@googlehttp://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
• chrome-cve-admin@googlehttp://osvdb.org/75567
• chrome-cve-admin@googlehttps://exchange.xforce.ibmcloud.com/vulnerabilities/69892
• chrome-cve-admin@googlehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14454
• af854a3a-2127-422b-91ae-364da2661108http://code.google.com/p/chromium/issues/detail?id=95917
• af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/75567
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/69892
• af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14454