Sign in Get started

← All advisories

Unrated severityNVD Advisory· Published Mar 22, 2012· Updated Apr 29, 2026

CVE-2011-3056

CVE-2011-3056

Description

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."

Affected products

4

Google/Chrome
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Range: <17.0.963.83
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
Apple Inc./Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Range: <5.1.7
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <5.1.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

code.google.com/p/chromium/issues/detailnvdVendor Advisory
googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.htmlnvdVendor Advisory
lists.apple.com/archives/security-announce/2012/May/msg00000.htmlnvdMailing ListThird Party Advisory
lists.apple.com/archives/security-announce/2012/May/msg00002.htmlnvdMailing ListThird Party Advisory
lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.htmlnvdMailing ListThird Party Advisory
security.gentoo.org/glsa/glsa-201203-19.xmlnvdThird Party Advisory
support.apple.com/kb/HT5282nvdThird Party Advisory
www.securityfocus.com/bid/52674nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/74216nvdThird Party AdvisoryVDB Entry
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14962nvdThird Party Advisory
osvdb.org/80294nvdBroken Link
osvdb.org/81794nvdBroken Link
secunia.com/advisories/47292nvdNot Applicable
secunia.com/advisories/48512nvdNot Applicable
secunia.com/advisories/48527nvdNot Applicable

News mentions

0

No linked articles in our index yet.