CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2011-3060
https://notcve.org/view.php?id=CVE-2011-3060
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Las versiones de Google Chrome anteriores a v18.0.1025.142 no tratan correctamente los fragmentos de texto, lo que permite a atacantes remotos provocar una denegación de servicio por lectura fuera de límite (out-of-bound read) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=114056 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://support& • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 2%CPEs: 5EXPL: 0CVE-2011-3053
https://notcve.org/view.php?id=CVE-2011-3053
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la división de bloques. • http://code.google.com/p/chromium/issues/detail?id=116746 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80291 http://secunia.com/advisories/48512 http&# • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1CVE-2011-3050
https://notcve.org/view.php?id=CVE-2011-3050
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Una vulnerabilidad de uso después de liberación de vulnerabilidad en la implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el pseudo-elemento :first-letter . • http://code.google.com/p/chromium/issues/detail?id=113902 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80288 http://secunia.com/advisories/48512 http&# • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3056
https://notcve.org/view.php?id=CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." Google Chrome antes de v17.0.963.83 permite a atacantes remotos evitar la política de mismo origen a través de vectores relacionados con un "magic iframe". • http://code.google.com/p/chromium/issues/detail?id=117550 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/May/msg00000.html http://lists.apple.com/archives/security-announce/2012/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80294 http://osvdb.org/81794 http://secunia.com/advisories/47292 http://secunia.com/advisories/48512 http:// • CWE-346: Origin Validation Error •
CVSS: 5.0EPSS: 0%CPEs: 99EXPL: 0CVE-2012-0647
https://notcve.org/view.php?id=CVE-2012-0647
WebKit in Apple Safari before 5.1.4 does not properly handle redirects in conjunction with HTTP authentication, which might allow remote web servers to capture credentials by logging the Authorization HTTP header. WebKit de Apple Safari anteriores a 5.1.4 no maneja apropiadamente las redirecciones junto con autenticación HTTP, lo que permite a servidores web remotos capturar las credenciales a través de la cabecera "Authorization HTTP". • http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48377 http://www.securitytracker.com/id?1026785 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •