CVE-2011-3953
https://notcve.org/view.php?id=CVE-2011-3953
Google Chrome before 17.0.963.46 does not prevent monitoring of the clipboard after a paste event, which has unspecified impact and remote attack vectors. Google Chrome antes de v17.0.963.46 no impide la monitorización del portapapeles después de un evento de pegado (paste), lo que tiene un impacto no especificado y vectores de ataque remotos. • http://code.google.com/p/chromium/issues/detail?id=73478 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14392 •
CVE-2011-3958
https://notcve.org/view.php?id=CVE-2011-3958
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Google Chrome antes de v17.0.963.46 no realiza correctamente la conversión de variables durante el tratamiento de la extensión de una columna (column span), lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=105459 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVE-2011-3964
https://notcve.org/view.php?id=CVE-2011-3964
Google Chrome before 17.0.963.46 does not properly implement the drag-and-drop feature, which makes it easier for remote attackers to spoof the URL bar via unspecified vectors. Google Chrome antes de v17.0.963.46 no implementa correctamente la función de arrastrar y soltar, lo que facilita a los atacantes remotos a la hora de falsificar la barra de direcciones a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=109245 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14591 • CWE-20: Improper Input Validation •
CVE-2011-3971
https://notcve.org/view.php?id=CVE-2011-3971
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v17.0.963.46 permite a los atacantes remotos con la ayuda (no deseada) de usuarios locales provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con los eventos 'MouseMove'. • http://code.google.com/p/chromium/issues/detail?id=110374 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVE-2011-3961
https://notcve.org/view.php?id=CVE-2011-3961
Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process. Condición de carrera en Google Chrome antes de v17.0.963.46 permite a atacantes remotos ejecutar código de su elección a través de vectores que provocan la caida de un proceso de servicio. • http://code.google.com/p/chromium/issues/detail?id=108871 http://googlechromereleases.blogspot.com/2012/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14864 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •