CVE-2013-0907
https://notcve.org/view.php?id=CVE-2013-0907
Race condition in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media threads. Condición de carrera en Google Chrome anterior a v25.0.1364.152 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través vectores relacionados con el manejo de hilos multimedia. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=174150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16633 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2013-0903
https://notcve.org/view.php?id=CVE-2013-0903
Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of browser navigation. Vulnerabilidad Use-after free en Google Chrome anterior a v25.0.1364.152, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente otro impacto no especificado a través de vectores relacionados con la navegación. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=176252 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16661 • CWE-399: Resource Management Errors •
CVE-2013-0909
https://notcve.org/view.php?id=CVE-2013-0909
The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors. El XSS Auditor en Google Chrome anterior a v25.0.1364.152 permite a atacantes remotos obtener informacion sensible de HTTP Referer a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=173906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16132 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-0908
https://notcve.org/view.php?id=CVE-2013-0908
Google Chrome before 25.0.1364.152 does not properly manage bindings of extension processes, which has unspecified impact and attack vectors. Google Chrome anterior a v25.0.1364.152 no gestiona adecuadamente los enlaces de los procesos de las extensiones lo cual tiene un impacto no especificado y vectores de ataque. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=174059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16369 •
CVE-2013-0910
https://notcve.org/view.php?id=CVE-2013-0910
Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser process and renderer processes during authorization of the loading of a plug-in, which makes it easier for remote attackers to bypass intended access restrictions via vectors involving a blocked plug-in. Google Chrome anterior a 25.0.1364.152 no maneja adecuadamente la interacción entre el proceso del navegador y el proceso de renderizado durante la carga de un plug-in autorizado, lo que facilita a atacantes remotos evitar las restricciones de acceso establecidas a través de vectores que involucran a un plug-in bloqueado. • http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html https://code.google.com/p/chromium/issues/detail?id=172573 https://codereview.chromium.org/12086077 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16574 https://src.chromium.org/viewvc/chrome?view=rev&revision=180103 • CWE-287: Improper Authentication •