CVSS: 9.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2869
https://notcve.org/view.php?id=CVE-2012-2869
31 Aug 2012 — Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." Google Chrome anterior a v21.0.1180.89 no carga correctamente las direcciones URL, permitiendo a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que provocan un "colchón viejo." • http://code.google.com/p/chromium/issues/detail?id=137778 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 118EXPL: 0CVE-2012-2870 – libxslt: Use-after-free when processing an invalid XPath expression
https://notcve.org/view.php?id=CVE-2012-2870
31 Aug 2012 — libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. libxslt v1.1.26 y anteriores, tal como se utiliza en Google Chrome anterior a v21.0.11... • http://code.google.com/p/chromium/issues/detail?id=138672 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 101EXPL: 0CVE-2012-2871 – libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
https://notcve.org/view.php?id=CVE-2012-2871
31 Aug 2012 — libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no espec... • http://code.google.com/p/chromium/issues/detail?id=138673 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2872
https://notcve.org/view.php?id=CVE-2012-2872
31 Aug 2012 — Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en una página SSL intersticial en Google Chrome antes de v21.0.1180.89 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=142956 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2012-2862
https://notcve.org/view.php?id=CVE-2012-2862
09 Aug 2012 — Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad usar-después-liberar(use-after-free)en la funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=136643 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 38EXPL: 0CVE-2012-2863
https://notcve.org/view.php?id=CVE-2012-2863
09 Aug 2012 — The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. La funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una operación de escritura fuera de los límites (out-of-bounds) • http://code.google.com/p/chromium/issues/detail?id=136968 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2846
https://notcve.org/view.php?id=CVE-2012-2846
06 Aug 2012 — Google Chrome before 21.0.1180.57 on Linux does not properly isolate renderer processes, which allows remote attackers to cause a denial of service (cross-process interference) via unspecified vectors. Google Chrome anterior a v21.0.1180.57 en Linux no aísla debidamente los procesos de render, lo que permite a atacantes remotos provocar una denegación de servicio (interferencia de procesos) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=125225 •
CVSS: 6.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2847
https://notcve.org/view.php?id=CVE-2012-2847
06 Aug 2012 — Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site. Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, no pide confirmación al usuario antes de continuar con una larga serie de descargas, q... • http://code.google.com/p/chromium/issues/detail?id=127522 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2848
https://notcve.org/view.php?id=CVE-2012-2848
06 Aug 2012 — The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site. La implementación de arrastrar y soltar en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a usuarios asistidos por un atacante remoto evitar las restricciones de acceso a archivos a tra... • http://code.google.com/p/chromium/issues/detail?id=127525 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2849
https://notcve.org/view.php?id=CVE-2012-2849
06 Aug 2012 — Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. Error (Off-by-one) en el decodificador GIF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a atacantes remotos causar una denegación de servicio debido a una lectura fuera de límites (out-of-... • http://code.google.com/p/chromium/issues/detail?id=128163 • CWE-189: Numeric Errors •