CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1CVE-2011-3067
https://notcve.org/view.php?id=CVE-2011-3067
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements. Google Chrome antes de v18.0.1025.151 permite a atacantes remotos saltarse la política de mismo origen a través de vectores relacionados con elementos IFRAME. • http://code.google.com/p/chromium/issues/detail?id=117583 http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/81037 http://secunia.com/advisories/48732 http://secunia.com/advisories/48749 http://security.gentoo.org/glsa/glsa-201204-03.xml http://support.apple.com/kb/HT5400 http:// • CWE-346: Origin Validation Error •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2011-3076
https://notcve.org/view.php?id=CVE-2011-3076
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v18.0.1025.151 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión del foco. • http://code.google.com/p/chromium/issues/detail?id=120037 http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/48732 http://secunia.com/advisories/48749 http://security.gentoo.org/glsa/glsa-201204-03.xml http:& • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3063
https://notcve.org/view.php?id=CVE-2011-3063
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors. Google Chrome anterior a v18.0.1025.142 no valida correctamente las solicitudes del generador de solicitudes de navegción, lo cual tiene un impacto no especificado y vectores de ataque a remotos. • http://code.google.com/p/chromium/issues/detail?id=117417 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://www.securityfocus.com/bid/52762 http://www.securitytracker.com/id?1026877 https://exchange.xforce.ibmcloud.com/vulnerabilities/74413 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15226 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0CVE-2011-3059
https://notcve.org/view.php?id=CVE-2011-3059
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Las versiones anteriores a Google Chrome v18.0.1025.142 no trata correctamente los elementos SVG de texto, lo que permite a atacantes remotos provocar una denegación de servicio debido un desbordamiento de los límites de lectura (out-of-bounds read) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=112317 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 http://support& • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2011-3064
https://notcve.org/view.php?id=CVE-2011-3064
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. Vulnerabilidad por error de memoria en ejecución (use-after-free) en Google Chrome anterior a v18.0.1025.142 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la operación de recorte en el formato SVG. • http://code.google.com/p/chromium/issues/detail?id=117471 http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/80742 http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advis • CWE-416: Use After Free •