CVSS: 5.0EPSS: 0%CPEs: 43EXPL: 0CVE-2012-2815
https://notcve.org/view.php?id=CVE-2012-2815
Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain. Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos obtener información potencialmente sensible a partir de un identificador de fragmento, aprovechando el acceso a un elemento IFRAME asociado a un dominio diferente. • http://code.google.com/p/chromium/issues/detail?id=118633 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5503 https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15662 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 43EXPL: 0CVE-2012-2820
https://notcve.org/view.php?id=CVE-2012-2820
Google Chrome before 20.0.1132.43 does not properly implement SVG filters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anteriores a v20.0.1132.43 no implementa de forma adecuada los filtros SVG, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de los límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=121926 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15468 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 1%CPEs: 43EXPL: 0CVE-2012-2825 – libxslt: DoS when reading unexpected DTD nodes in XSLT
https://notcve.org/view.php?id=CVE-2012-2825
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors. La implementación XSL en Google Chrome anterior a v20.0.1132.43 permite a atacantes remotos causar una denegación de servicio (operación de lectura incorrecta) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=127417 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 https://hermes.opensuse.org/messages/15075728 https://www.suse.com/support/update/announcement/2013& • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 43EXPL: 0CVE-2012-2823
https://notcve.org/view.php?id=CVE-2012-2823
Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG resources. Vulnerabilidad de uso después de la liberación en Google Chrome anteriores a v20.0.1132.43, permite a atacantes remotos producir una denegación de servicio o posiblemente tener otro impacto a través de vectores relacionados con recursos SVG. • http://code.google.com/p/chromium/issues/detail?id=124356 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15204 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 44EXPL: 0CVE-2012-2816
https://notcve.org/view.php?id=CVE-2012-2816
Google Chrome before 20.0.1132.43 on Windows does not properly isolate sandboxed processes, which might allow remote attackers to cause a denial of service (process interference) via unspecified vectors. Google Chrome anteriores a v20.0.1132.43 en Windows no aísla procesos en el entorno de ejecución controlado de forma adecuada, lo que podría permitir a atacantes remotos a provocar una denegación de servicio (interferencia de procesos) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=119150 http://code.google.com/p/chromium/issues/detail?id=119250 http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html https://hermes.opensuse.org/messages/15075728 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15591 •