CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2011-3050
https://notcve.org/view.php?id=CVE-2011-3050
22 Mar 2012 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Una vulnerabilidad de uso después de liberación de vulnerabilidad en la implementación de las Hojas de Estilo en Cascada (CSS) en Google Chrome v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un i... • http://code.google.com/p/chromium/issues/detail?id=113902 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3051
https://notcve.org/view.php?id=CVE-2011-3051
22 Mar 2012 — Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. Una vulnerabilidad de uso después de liberación en la imprentacion de las Hojas de Estilo en Cascada (CSS) en Google Chrome antes de v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especifica... • http://code.google.com/p/chromium/issues/detail?id=116461 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2011-3052
https://notcve.org/view.php?id=CVE-2011-3052
22 Mar 2012 — The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación de WebGL en Google Chrome antes de v17.0.963.83 no trata correctamente los elementos CANVAS, ??lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de... • http://code.google.com/p/chromium/issues/detail?id=116637 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3053
https://notcve.org/view.php?id=CVE-2011-3053
22 Mar 2012 — Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.83 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la división de bloques. • http://code.google.com/p/chromium/issues/detail?id=116746 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3054
https://notcve.org/view.php?id=CVE-2011-3054
22 Mar 2012 — The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. La implementación de privilegios de WebUI en Google Chrome antes de v17.0.963.83 no realiza correctamente el aislamiento, lo que permite a atacantes remotos eludir restricciones de acceso a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=117418 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2011-3055
https://notcve.org/view.php?id=CVE-2011-3055
22 Mar 2012 — The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. La interfaz de usuario nativa en Google Chrome antes de v17.0.963.83 no solicita confirmación del usuario antes de una instalación de extensión no empaquetada, lo que permite a atacantes remotos con la ayuda del usuario local a tener un impacto no especificado a través de una ... • http://code.google.com/p/chromium/issues/detail?id=117736 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2011-3056
https://notcve.org/view.php?id=CVE-2011-3056
22 Mar 2012 — Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." Google Chrome antes de v17.0.963.83 permite a atacantes remotos evitar la política de mismo origen a través de vectores relacionados con un "magic iframe". • http://code.google.com/p/chromium/issues/detail?id=117550 • CWE-346: Origin Validation Error •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3057
https://notcve.org/view.php?id=CVE-2011-3057
22 Mar 2012 — Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. Google V8, tal como se utiliza en Google Chrome antes de v17.0.963.83, permite a atacantes remotos provocar una denegación de servicio a través de vectores que provocan una operación de lectura no válida. • http://code.google.com/p/chromium/issues/detail?id=117794 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2012-1845
https://notcve.org/view.php?id=CVE-2012-1845
22 Mar 2012 — Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code." Una vulnerabilidad de Uso después de liberación en Google Chrome v... • http://pwn2own.zerodayinitiative.com/status.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2012-1846
https://notcve.org/view.php?id=CVE-2012-1846
22 Mar 2012 — Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012. NOTE: the primary affected product may be clarified later; it was not identified by the researcher, who reportedly stated "it really doesn't matter if it's third-party code." Google Chrome v17.0.963.66 y anteriores permite a atacantes remotos eludir el mecanismo de protección de sandbox,... • http://pwn2own.zerodayinitiative.com/status.html • CWE-668: Exposure of Resource to Wrong Sphere •