CVSS: 6.8EPSS: 80%CPEs: 11EXPL: 1CVE-2011-3026 – libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11)
https://notcve.org/view.php?id=CVE-2011-3026
Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation. Desbordamiento de entero en libpng, tal como se utiliza en Google Chrome antes de v17.0.963.56, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que provocan el truncado de enteros. • http://code.google.com/p/chromium/issues/detail?id=112822 http://googlechromereleases.blogspot.com/2012/02/chrome-stable-update.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00023.html http://secunia.com/advisories/48016 http://secunia.com/advisories/48110& • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3962
https://notcve.org/view.php?id=CVE-2011-3962
Google Chrome before 17.0.963.46 does not properly perform path clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v17.0.963.46 no realiza correctamente el recorte de trazados, lo que permite provocar una denegación de servicio (lectura fuera de límites) a atacantes remotos a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=108901 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14249 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3960
https://notcve.org/view.php?id=CVE-2011-3960
Google Chrome before 17.0.963.46 does not properly decode audio data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v17.0.963.46 no descodifica correctamente los datos de audio, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=108416 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14921 • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3963
https://notcve.org/view.php?id=CVE-2011-3963
Google Chrome before 17.0.963.46 does not properly handle PDF FAX images, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v17.0.963.46 no gestiona adecuadamente las imágenes PDF FAX, lo que permite provocar una denegación de servicio (lectura fuera de límites) a atacantes remotos a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=109094 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14825 • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3965
https://notcve.org/view.php?id=CVE-2011-3965
Google Chrome before 17.0.963.46 does not properly check signatures, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Google Chrome antes de v17.0.963.46 no comprueba correctamente las firmas, que permite provocar una denegación de servicio (caída de la aplicación) a atacantes remotos a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=109664 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14954 • CWE-347: Improper Verification of Cryptographic Signature •