CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0CVE-2011-3046
https://notcve.org/view.php?id=CVE-2011-3046
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue. El subsistema de extensión en Google Chrome antes de v17.0.963.78 no gestiona adecuadamente el historial de navegación, lo que permite a atacantes remotos ejecutar código de su elección qaprovechandose de un problema "XSS universal(UXSS)". • http://code.google.com/p/chromium/issues/detail?id=117226 http://code.google.com/p/chromium/issues/detail?id=117230 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/May/msg00000.html http://lists.apple.com/archives/security-announce/2012/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html http://secunia.com/advisories/47292 http://secunia.com/advisories/48321 http • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 1CVE-2011-3031
https://notcve.org/view.php?id=CVE-2011-3031
Use-after-free vulnerability in the element wrapper in Google V8, as used in Google Chrome before 17.0.963.65, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. vulnerabilidad de uso después de la liberación en el contenedor de elementos en Google V8, como el que se utiliza en Google Chrome anterior a v17.0.963.65, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=105867 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48419 http://secunia.com/advisories/48527 http://security.gentoo.org/glsa/glsa-201203-19.xml http://www.securityfocus.com/bid/52271 http://www.securitytracker.com/id?1026759 https://exchange.xforce.ibmcloud.com/vulne • CWE-416: Use After Free •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3038
https://notcve.org/view.php?id=CVE-2011-3038
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to multi-column handling. Vulnerabilidad de uso después de la liberación en Google Chrome anteriores a v17.0.963.65, permite a atacantes remotos producir una denegación de servicio o posiblemente tener otro efecto no especificado a través de vectores relacionados con el manejo de la multi-columna. • http://code.google.com/p/chromium/issues/detail?id=113497 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48419& • CWE-416: Use After Free •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3039
https://notcve.org/view.php?id=CVE-2011-3039
Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to quote handling. Vulnerabilidad de uso después de la liberación en Google Chrome anteriores a v17.0.963.65, permite a atacantes remotos producir una denegación de servicio o posiblemente tener otro efecto no especificado a través de vectores relacionados con el manejo de las comillas. • http://code.google.com/p/chromium/issues/detail?id=113707 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00012.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48419& • CWE-416: Use After Free •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3037
https://notcve.org/view.php?id=CVE-2011-3037
Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. Google Chrome anteriores a v17.0.963.65 no realiza las conversiones entre variables no especificadas durante el troceado de bloques anónimos de forma de forma correcta, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no determinado a través de un documento modificado. • http://code.google.com/p/chromium/issues/detail?id=113439 http://code.google.com/p/chromium/issues/detail?id=114924 http://code.google.com/p/chromium/issues/detail?id=115028 http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse& • CWE-704: Incorrect Type Conversion or Cast •