CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2011-3926
https://notcve.org/view.php?id=CVE-2011-3926
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Una vulnerabilidad de desbordamiento de buffer basado en memoria dinámica (Heap) en el constructor de árboles de Google Chrome antes de v16.0.912.77 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=109556 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/47694 http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-3913
https://notcve.org/view.php?id=CVE-2011-3913
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.63 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión de Rango. • http://code.google.com/p/chromium/issues/detail?id=103921 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0CVE-2011-3909
https://notcve.org/view.php?id=CVE-2011-3909
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. La implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome antes de v16.0.912.63 en las plataformas de 64 bits no maneja correctamente los arrays de propiedades, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=101010 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/i • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0CVE-2011-3908
https://notcve.org/view.php?id=CVE-2011-3908
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anteriores a v16.0.912.63 no se analiza correctamente los documentos SVG, que permite a atacantes remotos provocar una denegación de servicio (de fuera de límites leer) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=100863 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/i • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 6%CPEs: 4EXPL: 0CVE-2011-3897 – WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3897
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. Vulnerabilidad de uso después de liberación en Google Chrome anteriores a v15.0.874.120 permite al atacante remoto asistido por el usario provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la edición. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Due to the library not accommodating for DOM mutation events that can be made to occur, an aggressor can modify the tree out from underneath the library, leading to a type change. • http://code.google.com/p/chromium/issues/detail?id=102242 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/46933 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/4 • CWE-416: Use After Free •