CVE-2013-0899
https://notcve.org/view.php?id=CVE-2013-0899
Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. Desbordamiento de entero en la aplicación de relleno en la función opus_packet_parse_impl en src / opus_decoder.c en el Opus antes de v1.0.2, tal como se utiliza en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X y otros productos, permite atacantes remotos provocar una denegación de servicio (leer fuera de límites) a través de un gran paquete. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html http://opus-codec.org/downloads https://code.google.com/p/chromium/issues/detail?id=160480 https://codereview.chromium.org/11575026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16027 https://src.chromium.org/viewvc/chrome/trunk/deps/third_party/opus/src/opus_decoder.c?r1=173498&r2=173497&pathrev=173498 https:/ • CWE-190: Integer Overflow or Wraparound •
CVE-2013-0885
https://notcve.org/view.php?id=CVE-2013-0885
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly restrict API privileges during interaction with the Chrome Web Store, which has unspecified impact and attack vectors. Google Chrome anterior a v25.0.1364.97 en Windows y Linux, y anterior a v25.0.1364.99 en Mac OS X, no restringe correctamente los privilegios de la API durante la interacción con el Chrome Web Store, el cual tiene un impacto no especificado. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html https://code.google.com/p/chromium/issues/detail?id=172369 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16255 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2013-0890
https://notcve.org/view.php?id=CVE-2013-0890
Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allow remote attackers to cause a denial of service (memory corruption) or possibly have other impact via unknown vectors. Múltiples vulnerabilidades no especificadas en la capa IPC en Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto a través de vectores desconocidos . • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html https://code.google.com/p/chromium/issues/detail?id=169966 https://code.google.com/p/chromium/issues/detail?id=169973 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16208 • CWE-787: Out-of-bounds Write •
CVE-2013-0896
https://notcve.org/view.php?id=CVE-2013-0896
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly manage memory during message handling for plug-ins, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes v25.0.1364.97 en Windows y Linux, y antes v25.0.1364.99 en Mac OS X, no gestiona adecuadamente la memoria durante la gestión de mensajes para los plug-ins, que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html https://code.google.com/p/chromium/issues/detail?id=166708 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-0884
https://notcve.org/view.php?id=CVE-2013-0884
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly load Native Client (aka NaCl) code, which has unspecified impact and attack vectors. Google Chrome v25.0.1364.97 sobre Windows y Linux, y anterior a v25.0.1364.99 sobre Mac OS X, no carga adecuadamente el código "Native CLient" (aka NaCl), lo que tiene un impacta y vectores de ataques desconocidos. • http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html http://lists.opensuse.org/opensuse-updates/2013-03/msg00045.html https://code.google.com/p/chromium/issues/detail?id=172984 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16101 •