CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0889 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0889
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, no fuerza al usuario adecuadamente antes de proceder con la descarga de un archivo, lo que podría facilitar a atacantes remotos la ejecuci... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0894 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0894
23 Feb 2013 — Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (divide-by-zero error or out-of-bounds array access) or possibly have unspecified other impact via vectors involving a zero value for a bark map size. Desbordamiento de búfer en la función vorbis_par... • http://git.chromium.org/gitweb/?p=chromium/deps/ffmpeg.git%3Ba=commit%3Bh=e1e70d9bb9852b7d099379afc95531a632a20ba5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2013-0900 – Gentoo Linux Security Advisory 201402-14
https://notcve.org/view.php?id=CVE-2013-0900
23 Feb 2013 — Race condition in the International Components for Unicode (ICU) functionality in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Condición de carrera en la funcionalidad "International Components for Unicode (ICU)" de Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, permite a atacantes remotos provocar una de... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0890 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0890
23 Feb 2013 — Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en la capa IPC en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-0887 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0887
23 Feb 2013 — The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict privileges during interaction with a connected server, which has unspecified impact and attack vectors. El proceso de herramientas para desarrolladores de Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, no restringe correctamente privilegios durante la interacción con un servidor conectado, lo cual tiene un impacto no ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0896 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0896
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, no gestiona adecuadamente la memoria durante la gestión de mensajes para los plug-ins, que permite a atacantes remotos provocar una denega... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0891 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0891
23 Feb 2013 — Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a blob. Desbordamiento de entero en Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio u otro impacto a través de vectores desconocidos. Multiple vulnerabilities have been reported in Chromium ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0884 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0884
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl) code, which has unspecified impact and attack vectors. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, no carga adecuadamente el código "Native CLient" (aka NaCl), lo que tiene un impacta y vectores de ataques desconocidos. Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0882 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0882
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via a large number of SVG parameters. Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, permite a atacantes remotos causar una denegación de servicio (incorrecto acceso a memoria) o posiblemente tener otro impacto no especificado mediante un número ... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-0881 – Gentoo Linux Security Advisory 201309-16
https://notcve.org/view.php?id=CVE-2013-0881
23 Feb 2013 — Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via crafted data in the Matroska container format. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, permite a atacantes remotos provocar una denegación de servicio (operación de lectura incorrecta) a través de datos manipulados en un contenedor con formato Matroska. Multiple vulnerabilities ha... • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html • CWE-787: Out-of-bounds Write •