CVSS: 6.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-3062 – Mozilla: Off-by-one error in OpenType Sanitizer (MFSA 2012-31)
https://notcve.org/view.php?id=CVE-2011-3062
Off-by-one error in the OpenType Sanitizer in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted OpenType file. Error de tipo "Off-by-one" en OpenType Sanitizer en Google Chrome anterior a v18.0.1025.142 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un archivo modificado de OpenType. • http://code.google.com/p/chromium/issues/detail?id=116524 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://osvdb.org/80740 http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 http://www.mandriva.com/secu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-682: Incorrect Calculation •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 2CVE-2011-1187
https://notcve.org/view.php?id=CVE-2011-1187
Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." Google Chrome en versiones anteriores a la 10.0.648.127 permite a atacantes remotos evitar la política de mismo origen ("Same Origin Policy") a través de vectores sin especificar. Relacionado con un "error message leak". • http://code.google.com/p/chromium/issues/detail?id=69187 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 http://www.mozilla.org/security/announce/2012/mfsa2012-32.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://bugzilla.mozilla.org/show_bug.cgi?id=624621 https://exchange.xforce.ibmcloud.com/v • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •