CVSS: 4.3EPSS: 0%CPEs: 200EXPL: 1CVE-2011-2379
https://notcve.org/view.php?id=CVE-2011-2379
Cross-site scripting (XSS) vulnerability in Bugzilla 2.4 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3, when Internet Explorer before 9 or Safari before 5.0.6 is used for Raw Unified mode, allows remote attackers to inject arbitrary web script or HTML via a crafted patch, related to content sniffing. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Bugzilla 2.4 hasta la versión 2.22.7, 3.0.x hasta la 3.3.x, 3.4.x anteriores a 3.4.12, 3.5.x, 3.6.x anteriores a 3.6.6, 3.7.x, 4.0.x anteriores a 4.0.2 y 4.1.x anteriores a 4.1.3, si se utiliza Internet Explorer anterior a la versión 9 o Safari anterior a la 5.0.6 para el modo "Raw Unified", permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de una solución ("patch") modificada. Relacionado con captura de contenido ("sniffing"). • http://secunia.com/advisories/45501 http://www.bugzilla.org/security/3.4.11 http://www.debian.org/security/2011/dsa-2322 http://www.osvdb.org/74297 http://www.securityfocus.com/bid/49042 https://bugzilla.mozilla.org/show_bug.cgi?id=637981 https://exchange.xforce.ibmcloud.com/vulnerabilities/69033 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 4%CPEs: 4EXPL: 0CVE-2011-2797
https://notcve.org/view.php?id=CVE-2011-2797
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. Vulnerabilidad use-after-free en Google Chrome anterior a v13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores relacionados con recursos de caché. • http://code.google.com/p/chromium/issues/detail?id=87729 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74247 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb • CWE-416: Use After Free •
CVSS: 6.8EPSS: 4%CPEs: 4EXPL: 0CVE-2011-2790
https://notcve.org/view.php?id=CVE-2011-2790
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles. Vulnerabilidad de uso después de liberación en Google Chrome anterior a v13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que involucran estilos flotantes. • http://code.google.com/p/chromium/issues/detail?id=86502 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74240 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2800
https://notcve.org/view.php?id=CVE-2011-2800
Google Chrome before 13.0.782.107 allows remote attackers to obtain potentially sensitive information about client-side redirect targets via a crafted web site. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos obtener información sensible sobre los destinos redirigidos, desde el lado del cliente a través de un sitio web manipulado. • http://code.google.com/p/chromium/issues/detail?id=88337 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74251 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 http://www.debian.org/security/2011/dsa-2307 https://exchange.xforce.ibmcloud.com/vulnerabilities/68962 htt • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2011-2819
https://notcve.org/view.php?id=CVE-2011-2819
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos evitar la política del mismo origen (Same Origin Policy)a través de vectores relacionado con el manejo de la URI. • http://code.google.com/p/chromium/issues/detail?id=90222 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74258 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 https://exchange.xforce.ibmcloud.com/vulnerabilities/68969 https://oval.cisecurity.org/repository/search/definition •