CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-3913
https://notcve.org/view.php?id=CVE-2011-3913
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.63 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión de Rango. • http://code.google.com/p/chromium/issues/detail?id=103921 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0CVE-2011-3909
https://notcve.org/view.php?id=CVE-2011-3909
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. La implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome antes de v16.0.912.63 en las plataformas de 64 bits no maneja correctamente los arrays de propiedades, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=101010 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/i • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2011-3908
https://notcve.org/view.php?id=CVE-2011-3908
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anteriores a v16.0.912.63 no se analiza correctamente los documentos SVG, que permite a atacantes remotos provocar una denegación de servicio (de fuera de límites leer) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=100863 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/i • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0CVE-2011-3897 – WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3897
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. Vulnerabilidad de uso después de liberación en Google Chrome anteriores a v15.0.874.120 permite al atacante remoto asistido por el usario provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la edición. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. • http://code.google.com/p/chromium/issues/detail?id=102242 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/46933 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/4 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 7%CPEs: 4EXPL: 0CVE-2011-3888
https://notcve.org/view.php?id=CVE-2011-3888
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. Vulnerabilidad de tipo "usar después de liberar" (use-after-free) en Google Chrome en versiones anteriores a la 15.0.874.102. Permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con operaciones de edicion junto con complementos ("plug-ins") desconocidos. • http://code.google.com/p/chromium/issues/detail?id=99138 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/id • CWE-416: Use After Free •