CVSS: 7.5EPSS: 2%CPEs: 50EXPL: 0CVE-2012-2843
https://notcve.org/view.php?id=CVE-2012-2843
Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v20.0.1132.57 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el seguimiento de la altura de diseño. • http://code.google.com/p/chromium/issues/detail?id=130595 http://googlechromereleases.blogspot.com/2012/07/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00009.html http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5502 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mit • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2012-2821
https://notcve.org/view.php?id=CVE-2012-2821
The autofill implementation in Google Chrome before 20.0.1132.43 does not properly display text, which has unspecified impact and remote attack vectors. La aplicación autocompletar en Google Chrome anterior a v20.0.1132.43 no muestra correctamente el texto, que tiene un impacto no especificado y vectores de ataque a distancia. • http://code.google.com/p/chromium/issues/detail?id=122925 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15565 •
CVSS: 7.5EPSS: 2%CPEs: 43EXPL: 0CVE-2012-2829
https://notcve.org/view.php?id=CVE-2012-2829
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Vulnerabilidad en la gestión de recursos en la implementación de hojas de estilo CSS en Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos provocar una denegación de servicio o probablemente tener un impacto no especificado a través de vectores relacionados con el pseudo-elemento: first-letter • http://code.google.com/p/chromium/issues/detail?id=129947 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5502 https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15144 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 43EXPL: 0CVE-2012-2832
https://notcve.org/view.php?id=CVE-2012-2832
The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. La implementación de imagen-codec en la funcionalidad PDF en Google Chrome anterior a v20.0.1132.43 no inicializa un puntero no especificado, permitiendo a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto desconocido a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=131553 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15455 •
CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 1CVE-2012-2764 – Google Chrome 19.0.1084.52 - 'metro_driver.dll' DLL Loading Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2012-2764
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. Vulnerabilidad de path de búsqueda no confiable en Google Chrome anteriores a v20.0.1132.43 en Windows podría permitir a usuario locales obtener privilegios a través de un troyano Metro DLL en el directorio de trabajo actual. Google Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly. • https://www.exploit-db.com/exploits/37510 http://code.google.com/p/chromium/issues/detail?id=130276 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15375 •