CVSS: 7.5EPSS: 0%CPEs: 63EXPL: 0CVE-2012-5131
https://notcve.org/view.php?id=CVE-2012-5131
Google Chrome before 23.0.1271.91 on Mac OS X does not properly mitigate improper rendering behavior in the Intel GPU driver, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes de v23.0.1271.91 en Mac OS X no mitiga adecuadamente el comportamiento de representación incorrecta en el controlador de Intel GPU, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://osvdb.org/87883 http://www.securitytracker.com/id?1027815 https://code.google.com/p/chromium/issues/detail?id=152746 •
CVSS: 5.0EPSS: 1%CPEs: 64EXPL: 0CVE-2012-5132
https://notcve.org/view.php?id=CVE-2012-5132
Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service (application crash) via a response with chunked transfer coding. Google Chrome anterior a v23.0.1271.91 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una respuesta con "chunked transfer coding" • http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://osvdb.org/87887 http://www.securityfocus.com/bid/56684 http://www.securitytracker.com/id?1027815 https://code.google.com/p/chromium/issues/detail?id=155711 https://exchange.xforce.ibmcloud.com/vulnerabilities/80293 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15040 •
CVSS: 5.0EPSS: 1%CPEs: 64EXPL: 0CVE-2012-5130
https://notcve.org/view.php?id=CVE-2012-5130
Skia, as used in Google Chrome before 23.0.1271.91, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Skia, como se usa en Google Chrome antes de v23.0.1271.91 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados • http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://osvdb.org/87888 http://www.securityfocus.com/bid/56684 http://www.securitytracker.com/id?1027815 https://code.google.com/p/chromium/issues/detail?id=148638 https://exchange.xforce.ibmcloud.com/vulnerabilities/80292 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15734 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 64EXPL: 0CVE-2012-5133
https://notcve.org/view.php?id=CVE-2012-5133
Use-after-free vulnerability in Google Chrome before 23.0.1271.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG filters. Vulnerabilidad de uso después de la liberación en Google Chrome anteriores a 23.0.1271.91, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto a través de vectores que implican filtros SVG. • http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://www.securityfocus.com/bid/56684 http://www.securitytracker.com/id?1027815 https://code.google.com/p/chromium/issues/detail?id=156567 https://exchange.xforce.ibmcloud.com/vulnerabilities/80291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15954 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 4%CPEs: 226EXPL: 0CVE-2012-5134 – libxml2: Heap-buffer-underflow in xmlParseAttValueComplex
https://notcve.org/view.php?id=CVE-2012-5134
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. Desbordamiento de búfer basado en memoria dinámica en la función xmlParseAttValueComplex en parser.c en libxml2 2.9.0 y anteriores, como las usadas en Google Chrome anteriores a 23.0.1271.91,permite a atacantes remotos causar una denegación de servicio (cuelgue) o ejecutar código a través de una entidad manipulada en un fichero XML. • http://git.gnome.org/browse/libxml2/commit/?id=6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d http://googlechromereleases.blogspot.com/2012/11/stable-channel-update.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2013- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •