CVSS: 9.8EPSS: 0%CPEs: 101EXPL: 0CVE-2012-2871 – libxslt: Heap-buffer overflow caused by bad cast in XSL transforms
https://notcve.org/view.php?id=CVE-2012-2871
31 Aug 2012 — libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. libxml2 v2.9.0-rc1 y anteriores, tal como se utiliza en Google Chrome antes de v21.0.1180.89, no admite correctamente un conversión de una variable no espec... • http://code.google.com/p/chromium/issues/detail?id=138673 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 5%CPEs: 38EXPL: 0CVE-2012-2864 – Gentoo Linux Security Advisory 201404-06
https://notcve.org/view.php?id=CVE-2012-2864
22 Aug 2012 — Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow." Mesa, tal y como se utiliza en Google Chrome v21.0.1183.0 en las plataformas AC700 Acer, Cr-48, y Samsung Chromebook Series 5 y 5 550, y el Samsung Chromebox Serie v3, permite a atacantes remotos ejecutar código de su elección a través de ... • http://code.google.com/p/chromium/issues/detail?id=141901 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2847
https://notcve.org/view.php?id=CVE-2012-2847
06 Aug 2012 — Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site. Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, no pide confirmación al usuario antes de continuar con una larga serie de descargas, q... • http://code.google.com/p/chromium/issues/detail?id=127522 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2848
https://notcve.org/view.php?id=CVE-2012-2848
06 Aug 2012 — The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site. La implementación de arrastrar y soltar en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a usuarios asistidos por un atacante remoto evitar las restricciones de acceso a archivos a tra... • http://code.google.com/p/chromium/issues/detail?id=127525 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2849
https://notcve.org/view.php?id=CVE-2012-2849
06 Aug 2012 — Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image. Error (Off-by-one) en el decodificador GIF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a atacantes remotos causar una denegación de servicio debido a una lectura fuera de límites (out-of-... • http://code.google.com/p/chromium/issues/detail?id=128163 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2850
https://notcve.org/view.php?id=CVE-2012-2850
06 Aug 2012 — Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to have an unknown impact via a crafted document. Múltiples vulnerabilidades no especificadas en la funcionalidad PDF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, qué permite a atacantes remotos conseguir un impacto desconocido a través de un... • http://code.google.com/p/chromium/issues/detail?id=130251 •
CVSS: 8.8EPSS: 1%CPEs: 54EXPL: 0CVE-2012-2851
https://notcve.org/view.php?id=CVE-2012-2851
06 Aug 2012 — Multiple integer overflows in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Múltiples desbordamientos de enteros en la funcionalidad PDF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, que permite a atacantes remotos causar una denegaci... • http://code.google.com/p/chromium/issues/detail?id=132585 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2852
https://notcve.org/view.php?id=CVE-2012-2852
06 Aug 2012 — The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted document. La funcionalidad PDF en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, no maneja adecuadamente la vinculación con objetos, lo q... • http://code.google.com/p/chromium/issues/detail?id=134028 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2853
https://notcve.org/view.php?id=CVE-2012-2853
06 Aug 2012 — The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. La API de WebRequest en Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, no interactúa adecuadamente con Chrome Web Store, lo que permit... • http://code.google.com/p/chromium/issues/detail?id=134101 •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2012-2854
https://notcve.org/view.php?id=CVE-2012-2854
06 Aug 2012 — Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process. Google Chrome anterior a v21.0.1180.57 en Mac OS X y Linux, y anterior a v21.0.1180.60 en Windows y Chrome Frame, permite a atacantes remotos obtener información potencialmente sensible acerca de los valores del puntero, aprovechando el acceso a un proceso de ren... • http://code.google.com/p/chromium/issues/detail?id=134519 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •