Login Sign Up

CVE-2011-1460

9.8 CRITICAL
Remote Code Execution

📋 TL;DR

CVE-2011-1460 is a type confusion vulnerability in WebKit's rendering engine that allows remote code execution through specially crafted web content. This affects Google Chrome versions before the fix and potentially other WebKit-based browsers. Attackers can exploit this to execute arbitrary code with the privileges of the browser process.

💻 Affected Systems

Products:
  • Google Chrome
  • WebKit-based browsers
Versions: Google Chrome versions before Blink M11 (WebKit revisions before 81648/81748)
Operating Systems: Windows, macOS, Linux, Android, iOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected Chrome versions are vulnerable. Other WebKit-based browsers may also be affected.

📦 What is this software?

Blink by Google

View all CVEs affecting Blink →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through remote code execution leading to data theft, malware installation, or lateral movement within the network.

🟠

Likely Case

Browser crash leading to denial of service, or limited code execution within browser sandbox boundaries.

🟢

If Mitigated

No impact if patched or if exploit attempts are blocked by security controls like web filters or IPS.

🌐 Internet-Facing: HIGH - Web browsers are inherently internet-facing and process untrusted content.
🏢 Internal Only: MEDIUM - Risk exists if users visit malicious internal sites or if attackers pivot through internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (visiting malicious website) but no authentication. The vulnerability was publicly disclosed with technical details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Google Chrome versions including WebKit revisions 81648 and 81748

Vendor Advisory: https://bugs.chromium.org/p/chromium/issues/detail?id=76784

Restart Required: Yes

Instructions:

1. Update Google Chrome to latest version. 2. Enable automatic updates. 3. Restart browser to apply update.

🔧 Temporary Workarounds

Disable JavaScript

all

Prevents exploitation by disabling JavaScript execution in browser

Browser-specific settings configuration

Use alternative browser

all

Temporarily switch to non-WebKit browser until patched

🧯 If You Can't Patch

  • Implement web content filtering to block malicious sites
  • Use application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Chrome version: if before Blink M11 or WebKit revisions before 81648/81748

Check Version:

chrome://version/ or 'google-chrome --version'

Verify Fix Applied:

Verify Chrome version is updated beyond affected versions and browser restarted

📡 Detection & Monitoring

Log Indicators:

  • Browser crash reports
  • Unusual process creation from browser

Network Indicators:

  • Connections to known malicious domains serving exploit code

SIEM Query:

source="browser_logs" AND (event="crash" OR event="process_creation")

📊 Metadata

CVE ID: CVE-2011-1460
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-704
Published: November 5, 2019
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2011-1460, you might also want to check these:

CVE-2021-33318 9.8

This vulnerability allows attackers to bypass IP address filtering in applications using vulnerable ...

Same vulnerability type (CWE-704)
CVE-2020-6151 9.8

This is a critical memory corruption vulnerability in Accusoft ImageGear's TIFF file parser. Attacke...

Same vulnerability type (CWE-704)
CVE-2011-2337 9.8

This vulnerability involves an incorrect data type used for a strlen return value in WebKit on 64-bi...

Same vulnerability type (CWE-704)