CVE-2011-3927
https://notcve.org/view.php?id=CVE-2011-3927
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Skia, tal y como se utiliza en Google Chrome antes de v16.0.912.77 no inicializa todos los valores requeridos, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=108605 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://secunia.com/advisories/47694 http://www.securitytracker.com/id?1026569 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13948 • CWE-665: Improper Initialization •
CVE-2011-3924
https://notcve.org/view.php?id=CVE-2011-3924
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.77 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con las selecciones de DOM. • http://code.google.com/p/chromium/issues/detail?id=106484 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/47694 http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com • CWE-416: Use After Free •
CVE-2011-3928 – Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3928
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.77 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la manipulación de DOM. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the WebCore component as used by WebKit. Specifically within the handling of element properties. • http://code.google.com/p/chromium/issues/detail?id=108461 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/47694 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/id?1026569 http://www.securitytracker.com/id?1026774 https://exchange • CWE-416: Use After Free •
CVE-2011-3926
https://notcve.org/view.php?id=CVE-2011-3926
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Una vulnerabilidad de desbordamiento de buffer basado en memoria dinámica (Heap) en el constructor de árboles de Google Chrome antes de v16.0.912.77 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=109556 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://secunia.com/advisories/47694 http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com • CWE-787: Out-of-bounds Write •
CVE-2011-3925
https://notcve.org/view.php?id=CVE-2011-3925
Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to a navigation entry and an interstitial page. Una vulnerabilidad de uso después de liberación en la función de navegación segura de Google Chrome antes de v16.0.912.75 permite a atacantes remotos provocar una denegación de servicio (por corrupción de memoria dinámica) o posiblemente tener un impacto no especificado a través de vectores relacionados con una entrada de navegación y una página intersticial (es decir, una página en la que el usuario espera unos segundos antes de acceder a la página de destino). • http://code.google.com/p/chromium/issues/detail?id=107182 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://secunia.com/advisories/47449 http://www.securitytracker.com/id?1026487 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14538 • CWE-416: Use After Free •