What is CVE-2011-3389?

CVE-2011-3389 is a vulnerability in Google Chrome, classified under Inadequate Encryption Strength. Published 2011-09-06.

Is CVE-2011-3389 known to be exploited?

75 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Google Chrome

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which…

EPSS: 0.733 (99.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-326 — Inadequate Encryption Strength

Public proof-of-concept exploits

References

74829 (x_refsource_OSVDB, vdb-entry, Broken Link)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)
GLSA-201406-32 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
48692 (x_refsource_SECUNIA, Not Applicable, third-party-advisory)
HPSBMU02799 (x_refsource_HP, vendor-advisory, Mailing List, Third Party Advisory, Issue Tracking)
cve@mitre.org (x_refsource_CONFIRM, Third Party Advisory)
SSRT100805 (x_refsource_HP, vendor-advisory, Mailing List, Third Party Advisory, Issue Tracking)
55322 (x_refsource_SECUNIA, Not Applicable, third-party-advisory)

Frequently asked questions

What is CVE-2011-3389?: CVE-2011-3389 is a vulnerability in Google Chrome, classified under Inadequate Encryption Strength. Published 2011-09-06.
Is CVE-2011-3389 known to be exploited?: 75 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.