CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3927
https://notcve.org/view.php?id=CVE-2011-3927
Skia, as used in Google Chrome before 16.0.912.77, does not perform all required initialization of values, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Skia, tal y como se utiliza en Google Chrome antes de v16.0.912.77 no inicializa todos los valores requeridos, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=108605 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update_23.html http://secunia.com/advisories/47694 http://www.securitytracker.com/id?1026569 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13948 • CWE-665: Improper Initialization •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-3922 – qt: Stack-based buffer overflow in embedded harfbuzz code
https://notcve.org/view.php?id=CVE-2011-3922
Stack-based buffer overflow in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to glyph handling. Desbordamiento de búfer basado en pila en Google Chrome antes de v16.0.912.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de glifos. • http://code.google.com/p/chromium/issues/detail?id=108006 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html http://secunia.com/advisories/47449 http://www.securityfocus.com/bid/51300 http://www.securitytracker.com/id?1026487 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14871 https://access.redhat.com/security/cve/CVE-2011-3922 https://bugzilla.redhat.com/show_bug.cgi?id=772125 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-3921
https://notcve.org/view.php?id=CVE-2011-3921
Use-after-free vulnerability in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving animation frames. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.75 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con los frames de animación. • http://code.google.com/p/chromium/issues/detail?id=106672 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html http://secunia.com/advisories/47449 http://www.securityfocus.com/bid/51300 http://www.securitytracker.com/id?1026487 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13995 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 0CVE-2011-3919 – libxml2: Heap-based buffer overflow when decoding an entity reference with a long name
https://notcve.org/view.php?id=CVE-2011-3919
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de pila basado en memoria dinámica (monticulo) en libxml2, tal y como se utiliza en Google Chrome antes de v16.0.912.75, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=107128 http://googlechromereleases.blogspot.com/2012/01/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/47449 http://secunia.com/advisories/55568 http://support&# • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3907
https://notcve.org/view.php?id=CVE-2011-3907
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors. La función de visualización de código de Google Chrome antes de v16.0.912.63 permite a atacantes remotos falsificar la barra de URL a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=99016 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14299 • CWE-20: Improper Input Validation •