CVSS: 6.5EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2865
https://notcve.org/view.php?id=CVE-2012-2865
31 Aug 2012 — Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. Google Chrome anterior a v21.0.1180.89 no realiza correctamente los saltos de línea, permitiendo a atacantes remotos provocar una denegación de servicio (fuera de límites leer) a través de un documento elaborado. • http://code.google.com/p/chromium/issues/detail?id=121347 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2866
https://notcve.org/view.php?id=CVE-2012-2866
31 Aug 2012 — Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. Google Chrome anterior a v21.0.1180.89 no realiza debidamente una conversión de una variable no especificada durante la manipulación de ejecución en los elementos, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro ... • http://code.google.com/p/chromium/issues/detail?id=134897 •
CVSS: 7.5EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2867
https://notcve.org/view.php?id=CVE-2012-2867
31 Aug 2012 — The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors. La implementación SPDY en Google Chrome anterior a v21.0.1180.89 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=135485 •
CVSS: 8.1EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2868
https://notcve.org/view.php?id=CVE-2012-2868
31 Aug 2012 — Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object. Condición de carrera en Google Chrome antes de v21.0.1180.89 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con una interacción inadecuada entre los procesos ... • http://code.google.com/p/chromium/issues/detail?id=136881 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2869
https://notcve.org/view.php?id=CVE-2012-2869
31 Aug 2012 — Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer." Google Chrome anterior a v21.0.1180.89 no carga correctamente las direcciones URL, permitiendo a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que provocan un "colchón viejo." • http://code.google.com/p/chromium/issues/detail?id=137778 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 118EXPL: 0CVE-2012-2870 – libxslt: Use-after-free when processing an invalid XPath expression
https://notcve.org/view.php?id=CVE-2012-2870
31 Aug 2012 — libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c. libxslt v1.1.26 y anteriores, tal como se utiliza en Google Chrome anterior a v21.0.11... • http://code.google.com/p/chromium/issues/detail?id=138672 • CWE-399: Resource Management Errors CWE-416: Use After Free •
CVSS: 9.8EPSS: 1%CPEs: 101EXPL: 0CVE-2012-2871 – libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
https://notcve.org/view.php?id=CVE-2012-2871
31 Aug 2012 — libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no espec... • http://code.google.com/p/chromium/issues/detail?id=138673 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.1EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2872
https://notcve.org/view.php?id=CVE-2012-2872
31 Aug 2012 — Cross-site scripting (XSS) vulnerability in an SSL interstitial page in Google Chrome before 21.0.1180.89 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en una página SSL intersticial en Google Chrome antes de v21.0.1180.89 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=142956 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 38EXPL: 0CVE-2012-2862
https://notcve.org/view.php?id=CVE-2012-2862
09 Aug 2012 — Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad usar-después-liberar(use-after-free)en la funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=136643 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 38EXPL: 0CVE-2012-2863
https://notcve.org/view.php?id=CVE-2012-2863
09 Aug 2012 — The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. La funcionalidad PDF en Google Chrome anterior a v21.0.1180.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que provocan una operación de escritura fuera de los límites (out-of-bounds) • http://code.google.com/p/chromium/issues/detail?id=136968 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •