CVSS: 9.0EPSS: 4%CPEs: 142EXPL: 0CVE-2011-1344 – WebKit WBR Tag Removal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1344
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011. Vulnerabilidad sin especificar en WebKit. Tal como se utiliza en Apple Safari 5.0.4 en Mac OS X 10.6.6, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos, como ha demostrado Chaouki Bekrar durante el concurso Pwn2Own de la CanSecWest 2011. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the Webkit library handles WBR tags on a webpage. • http://dvlabs.tippingpoint.com/blog/2011/02/02/pwn2own-2011 http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00001.html http://lists.apple.com/archives/security-announce/2011//Apr/msg00002.html http://secunia.com/advisories/44151 http://secunia.com/advisories/44154 http://support.apple.com/kb/HT4596 http://support.apple.com/kb/HT4607 http://twitter.com/aaronportnoy/statuses/45632544967901187&# • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2011-1109
https://notcve.org/view.php?id=CVE-2011-1109
Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome anterior a v9.0.597.107 no procesa correctamente los nodos en las hojas de estilo en cascada (CSS), lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que llevan a un "stale pointer". • http://code.google.com/p/chromium/issues/detail?id=68263 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www&# • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2011-1114
https://notcve.org/view.php?id=CVE-2011-1114
Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." Google Chrome anterior a v9.0.597.107 no controla correctamente las tablas, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a un "stale node". • http://code.google.com/p/chromium/issues/detail?id=71114 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www&# •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2011-1117
https://notcve.org/view.php?id=CVE-2011-1117
Google Chrome before 9.0.597.107 does not properly handle XHTML documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale nodes." Google Chrome anterior a v9.0.597.107 no controla correctamente los documentos XHTML, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que conducen a nodos no válidos ("stale nodes"). • http://code.google.com/p/chromium/issues/detail?id=71386 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www&# •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 1CVE-2011-1121
https://notcve.org/view.php?id=CVE-2011-1121
Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element. Desbordamiento de enteros en Google Chrome anterior a v9.0.597.107 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que implique un elemento TEXTAREA. • http://code.google.com/p/chromium/issues/detail?id=71855 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www&# • CWE-190: Integer Overflow or Wraparound •