CVE-2011-3046
Description
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
CVE-2011-3046 describes a Universal XSS (UXSS) vulnerability in Chrome's extension subsystem, fixed in version 17.0.963.78.
Vulnerability
The extension subsystem in Google Chrome before 17.0.963.78 improperly handles history navigation, leading to a Universal Cross-Site Scripting (UXSS) issue [1]. This bug allows an attacker to bypass the Same-Origin Policy, enabling code execution in the context of any web page.
Exploitation
To exploit this vulnerability, an attacker must entice a user to visit a specially crafted website while using a vulnerable version of Chrome (pre-17.0.963.78) [3]. No additional authentication or user interaction beyond navigation is required; the UXSS condition is triggered through crafted history navigation.
Impact
Successful exploitation allows a remote attacker to execute arbitrary code with the privileges of the browser process [3]. This can lead to full compromise of user data, session hijacking, and installation of extensions without user interaction.
Mitigation
Google fixed this issue in Chrome 17.0.963.78, released on 2012-03-09. Gentoo recommends upgrading to chromium-17.0.963.83 [3]. Users should apply the update via their browser's update mechanism or package manager. No workaround is available.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- code.google.com/p/chromium/issues/detailnvdVendor Advisory
- code.google.com/p/chromium/issues/detailnvdVendor Advisory
- googlechromereleases.blogspot.com/2012/03/chrome-stable-channel-update.htmlnvdRelease NotesVendor Advisory
- lists.apple.com/archives/security-announce/2012/May/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.apple.com/archives/security-announce/2012/May/msg00002.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.htmlnvdMailing ListThird Party Advisory
- security.gentoo.org/glsa/glsa-201203-19.xmlnvdThird Party Advisory
- support.apple.com/kb/HT5282nvdThird Party Advisory
- www.securityfocus.com/bid/52369nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14686nvdThird Party Advisory
- plus.google.com/u/0/116651741222993143554/posts/5Eq5d9XgFqsnvdPermissions RequiredVendor Advisory
- secunia.com/advisories/47292nvdNot Applicable
- secunia.com/advisories/48321nvdNot Applicable
- secunia.com/advisories/48419nvdNot Applicable
- secunia.com/advisories/48527nvdNot Applicable
- www.zdnet.com/blog/security/cansecwest-pwnium-google-chrome-hacked-with-sandbox-bypass/10563nvdPress/Media Coverage
News mentions
0No linked articles in our index yet.