CVE-2011-3640

Source
https://nvd.nist.gov/vuln/detail/CVE-2011-3640
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-3640.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2011-3640
Related
Withdrawn
2023-02-12T00:00:00Z
Published
2011-10-28T02:49:53Z
Modified
2024-08-07T00:15:34Z
Summary
[none]
Details

Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."

References

Affected packages

Debian:11 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.13.1.with.ckbi.1.88-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.13.1.with.ckbi.1.88-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / nss

Package

Name
nss
Purl
pkg:deb/debian/nss?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.13.1.with.ckbi.1.88-1

Ecosystem specific

{
    "urgency": "low"
}