Page 552 of 3368 results (0.010 seconds)

CVSS: 7.5EPSS: 2%CPEs: 43EXPL: 0

Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Vulnerabilidad en la gestión de recursos en la implementación de hojas de estilo CSS en Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos provocar una denegación de servicio o probablemente tener un impacto no especificado a través de vectores relacionados con el pseudo-elemento: first-letter • http://code.google.com/p/chromium/issues/detail?id=129947 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00005.html http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5502 https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15144 • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 43EXPL: 0

The image-codec implementation in the PDF functionality in Google Chrome before 20.0.1132.43 does not initialize an unspecified pointer, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. La implementación de imagen-codec en la funcionalidad PDF en Google Chrome anterior a v20.0.1132.43 no inicializa un puntero no especificado, permitiendo a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto desconocido a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=131553 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15455 •

CVSS: 7.2EPSS: 0%CPEs: 44EXPL: 1

Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. Vulnerabilidad de path de búsqueda no confiable en Google Chrome anteriores a v20.0.1132.43 en Windows podría permitir a usuario locales obtener privilegios a través de un troyano Metro DLL en el directorio de trabajo actual. Google Chrome developers, while trying to be adaptive and current, added some windows 8 helper functions to aid the development of Metro style behavior, but does not include the library file itself, thus resulting in an unqualified dynamic-link library call to 'metro_driver.dll'. A user with local disk access can carefully construct a DLL that suits the pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly. • https://www.exploit-db.com/exploits/37510 http://code.google.com/p/chromium/issues/detail?id=130276 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15375 •

CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0

Buffer overflow in the JS API in the PDF functionality in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Desbordamiento de buffer en JS API en la funcionalidad PDF en Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=132156 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15584 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 43EXPL: 0

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain. Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos obtener información potencialmente sensible a partir de un identificador de fragmento, aprovechando el acceso a un elemento IFRAME asociado a un dominio diferente. • http://code.google.com/p/chromium/issues/detail?id=118633 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5503 https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •