CVSS: 5.0EPSS: 0%CPEs: 53EXPL: 0CVE-2012-2892
https://notcve.org/view.php?id=CVE-2012-2892
Unspecified vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to bypass the pop-up blocker via unknown vectors. Vulnerabilidad no especificada en Google Chrome anteriores a v22.0.1229.79 permite a atacantes remotos evitar el bloqueo del menú desplegable mediante vectores desconocidos. • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html https://code.google.com/p/chromium/issues/detail?id=144704 https://exchange.xforce.ibmcloud.com/vulnerabilities/78843 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15807 •
CVSS: 6.8EPSS: 1%CPEs: 53EXPL: 0CVE-2012-2890
https://notcve.org/view.php?id=CVE-2012-2890
Use-after-free vulnerability in the PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilida de error en la gestión de recursos en la funcionalidad PDF en Google Chrome antes de v22.0.1229.79, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de un documento manipulado. • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html https://code.google.com/p/chromium/issues/detail?id=143798 https://code.google.com/p/chromium/issues/detail?id=144072 https://code.google.com/p/chromium/issues/detail?id=147402 https://exchange.xforce.ibmcloud.com/vulnerabilities/78841 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15766 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 55EXPL: 0CVE-2012-2877
https://notcve.org/view.php?id=CVE-2012-2877
The extension system in Google Chrome before 22.0.1229.79 does not properly handle modal dialogs, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. La extensión System en Google Chrome anterior a v22.0.1229.79 no gestiona de forma adecuada los diálogos de modo, lo que permite a atacantes remotos a provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00012.html https://code.google.com/p/chromium/issues/detail?id=137707 https://exchange.xforce.ibmcloud.com/vulnerabilities/78832 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15857 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 53EXPL: 0CVE-2012-2895
https://notcve.org/view.php?id=CVE-2012-2895
The PDF functionality in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. La funcionalidad PDF en Google Chrome anterior a v22.0.1229.79, permite a atacantes remotos provocar una denegación de servicio y posiblemente causar otro impacto a través de vectores que lanzan operaciones de escritura fuera de rango. • http://googlechromereleases.blogspot.com/2012/09/stable-channel-update_25.html https://code.google.com/p/chromium/issues/detail?id=145029 https://code.google.com/p/chromium/issues/detail?id=145157 https://code.google.com/p/chromium/issues/detail?id=146460 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15773 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2012-4905 – Google Chrome for Android - com.android.browser.application_id Intent Extra Data Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2012-4905
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)." Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Google Chrome antes de v18.0.1025308 en Android permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un 'extra' en un objeto 'Intent'. Se trata de un problema también conocido como "Universal XSS (UXSS)". Chrome for Android suffers from a universal cross site scripting vulnerability via com.android.browser.application_id. Version 18.0.1025308 was released to address this vulnerability. • https://www.exploit-db.com/exploits/37792 http://googlechromereleases.blogspot.com/2012/09/chrome-for-android-update.html https://code.google.com/p/chromium/issues/detail?id=144813 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •