CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2011-3060
https://notcve.org/view.php?id=CVE-2011-3060
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Las versiones de Google Chrome anteriores a v18.0.1025.142 no tratan correctamente los fragmentos de texto, lo que permite a atacantes remotos provocar una denegación de servicio por lectura fuera de límite (out-of-bound read) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=114056 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://support& • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3056
https://notcve.org/view.php?id=CVE-2011-3056
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." Google Chrome antes de v17.0.963.83 permite a atacantes remotos evitar la política de mismo origen a través de vectores relacionados con un "magic iframe". • http://code.google.com/p/chromium/issues/detail?id=117550 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/May/msg00000.html http://lists.apple.com/archives/security-announce/2012/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80294 http://osvdb.org/81794 http://secunia.com/advisories/47292 http://secunia.com/advisories/48512 http:// • CWE-346: Origin Validation Error •
CVSS: 6.8EPSS: 2%CPEs: 5EXPL: 0CVE-2011-3053
https://notcve.org/view.php?id=CVE-2011-3053
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la división de bloques. • http://code.google.com/p/chromium/issues/detail?id=116746 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80291 http://secunia.com/advisories/48512 http&# • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1CVE-2011-3050
https://notcve.org/view.php?id=CVE-2011-3050
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Una vulnerabilidad de uso después de liberación de vulnerabilidad en la implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el pseudo-elemento :first-letter . • http://code.google.com/p/chromium/issues/detail?id=113902 http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00000.html http://osvdb.org/80288 http://secunia.com/advisories/48512 http&# • CWE-416: Use After Free •
CVSS: 6.4EPSS: 1%CPEs: 97EXPL: 0CVE-2012-0584
https://notcve.org/view.php?id=CVE-2012-0584
The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs. El nombre de dominio ("Internationalized Domain Name" o IDN) en Apple Safari anteriores a 5.1.4 en Windows no restringe apropiadamente los caracteres en URLs, lo que facilita a atacantes remotos suplantar un nombre de dominio a través de símbolos sin especificar. • http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/80088 http://secunia.com/advisories/48377 http://www.securitytracker.com/id?1026785 • CWE-20: Improper Input Validation •