CVE-2011-3909
https://notcve.org/view.php?id=CVE-2011-3909
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. La implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome antes de v16.0.912.63 en las plataformas de 64 bits no maneja correctamente los arrays de propiedades, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=101010 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/i • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-3913
https://notcve.org/view.php?id=CVE-2011-3913
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.63 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión de Rango. • http://code.google.com/p/chromium/issues/detail?id=103921 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVE-2011-3897 – WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3897
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. Vulnerabilidad de uso después de liberación en Google Chrome anteriores a v15.0.874.120 permite al atacante remoto asistido por el usario provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la edición. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. • http://code.google.com/p/chromium/issues/detail?id=102242 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/46933 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/4 • CWE-416: Use After Free •
CVE-2011-3885
https://notcve.org/view.php?id=CVE-2011-3885
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. Vulnerabilidad de tipo "usar después de liberar" ("use-after-free") en Google Chrome en versiones anteriores a la 15.0.874.102 permite a atacantes remotos provocar una denegación de servicio o posiblemente realizar otras acciones sin especificar a través de vectores relacionados con los datos token-sequence de las hojas de estilo (CSS). • http://code.google.com/p/chromium/issues/detail?id=100059 http://code.google.com/p/chromium/issues/detail?id=97599 http://code.google.com/p/chromium/issues/detail?id=98064 http://code.google.com/p/chromium/issues/detail?id=98556 http://code.google.com/p/chromium/issues/detail? • CWE-416: Use After Free •
CVE-2011-3888
https://notcve.org/view.php?id=CVE-2011-3888
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. Vulnerabilidad de tipo "usar después de liberar" (use-after-free) en Google Chrome en versiones anteriores a la 15.0.874.102. Permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con operaciones de edicion junto con complementos ("plug-ins") desconocidos. • http://code.google.com/p/chromium/issues/detail?id=99138 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/id • CWE-416: Use After Free •