CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0CVE-2011-0485
https://notcve.org/view.php?id=CVE-2011-0485
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer." Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no manejan correctamente datos de voz, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados que provocan punteros bloqueados. • http://code.google.com/p/chromium/issues/detail?id=68666 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70468 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64676 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14381 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 3%CPEs: 4EXPL: 1CVE-2011-0474
https://notcve.org/view.php?id=CVE-2011-0474
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no controla correctamente las secuencias de tokens CSS (Cascading Style Sheets) junto con cursores, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que generan a un puntero en estado "stale". • http://code.google.com/p/chromium/issues/detail?id=66748 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70457 http://secunia.com/advisories/42951 http://www.debian.org/security/2011/dsa-2188 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14443 •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 1CVE-2011-0477
https://notcve.org/view.php?id=CVE-2011-0477
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no controla correctamente una discordancia en los tamaños de fotograma de vídeo, lo que permite a atacantes remotos provocar una denegación de servicio (por acceso a memoria incorrecto) o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=67303 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70460 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64668 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14390 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 1CVE-2011-0480
https://notcve.org/view.php?id=CVE-2011-0480
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted WebM file, related to buffers for (1) the channel floor and (2) the channel residue. Múltiples desbordamientos de búfer en el decodificador Vorbis en Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 permiten a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/122703 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610550 http://code.google.com/p/chromium/issues/detail?id=68115 http://codereview.chromium.org/5964011 http://codereview.chromium.org/6069005 http://ffmpeg.mplayerhq.hu http://git.ffmpeg.org/?p=ffmpeg.git%3Ba=commit%3Bh=13184036a6b1b1d4b61c91118c0896e9ad4634c3 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70463 http://roundup.ffmpeg. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 0CVE-2011-0482
https://notcve.org/view.php?id=CVE-2011-0482
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no realiza correctamente la conversión de una variable no especificada durante la manipulación de los enlaces HTML, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento HTML. • http://code.google.com/p/chromium/issues/detail?id=68178 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://osvdb.org/70465 http://secunia.com/advisories/42951 http://www.debian.org/security/2011/dsa-2188 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64673 https://oval.cisec • CWE-704: Incorrect Type Conversion or Cast •