CVE-2011-3640

Description

Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendors response was Strange behavior, but were not treating this as a security bug.

Risk Information

Base Score

9.1

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS Score

Exploitation Probability

0.34

Associated Vulnerability

No records found

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234