CVSS: 6.8EPSS: 3%CPEs: 4EXPL: 0CVE-2011-3958
https://notcve.org/view.php?id=CVE-2011-3958
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Google Chrome antes de v17.0.963.46 no realiza correctamente la conversión de variables durante el tratamiento de la extensión de una columna (column span), lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=105459 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3964
https://notcve.org/view.php?id=CVE-2011-3964
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. Google Chrome antes de v17.0.963.46 no implementa correctamente la función de arrastrar y soltar, lo que facilita a los atacantes remotos a la hora de falsificar la barra de direcciones a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=109245 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14591 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 5%CPEs: 4EXPL: 0CVE-2011-3971
https://notcve.org/view.php?id=CVE-2011-3971
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.46 permite a los atacantes remotos con la ayuda (no deseada) de usuarios locales provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con los eventos 'MouseMove'. • http://code.google.com/p/chromium/issues/detail?id=110374 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3961
https://notcve.org/view.php?id=CVE-2011-3961
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. Condición de carrera en Google Chrome antes de v17.0.963.46 permite a atacantes remotos ejecutar código de su elección a través de vectores que provocan la caida de un proceso de servicio. • http://code.google.com/p/chromium/issues/detail?id=108871 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14864 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-3966
https://notcve.org/view.php?id=CVE-2011-3966
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.46 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión de errores para secuencias de tokens en Hojas de Estilo en Cascada (CSS). • http://code.google.com/p/chromium/issues/detail?id=109716 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •