CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3917
https://notcve.org/view.php?id=CVE-2011-3917
Stack-based buffer overflow in FileWatcher in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Un desbordamiento de búfer basado en la pila en FileWatcher en Google Chrome antes de v16.0.912.63 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=105162 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14847 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3910
https://notcve.org/view.php?id=CVE-2011-3910
Google Chrome before 16.0.912.63 does not properly handle YUV video frames, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome en versiones anteriores a la 16.0.912.63 no maneja apropiadamente frames de vídeo YUV, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de los límites) a través de vectores sin especificar. • http://code.google.com/p/chromium/issues/detail?id=101494 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14517 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-3913
https://notcve.org/view.php?id=CVE-2011-3913
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. Una vulnerabilidad de uso después de liberación en Google Chrome antes de v16.0.912.63 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con la gestión de Rango. • http://code.google.com/p/chromium/issues/detail?id=103921 http://googlechromereleases.blogspot.com/2011/12/stable-channel-update.html http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://support.apple.com/kb/HT5400 http://support.apple.com/kb/HT5485 http://support.apple.com/kb/HT5503 https://oval.cisecurity.org& • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4691
https://notcve.org/view.php?id=CVE-2011-4691
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. Google Chrome v15.0.874.121 y anteriores no impide la captura de datos sobre los tiempos de violación de "Same Origin Policy" durante los intentos de carga de IFRAME, lo que facilita a los atacantes remotos determinar si existe un documento en la caché del navegador a través de código JavaScript manipulado. • http://lcamtuf.coredump.cx/cachetime http://secunia.com/advisories/47127 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14188 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 225EXPL: 1CVE-2010-5069
https://notcve.org/view.php?id=CVE-2010-5069
The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264. Las Hojas de Estilo en Cascada (CSS) de aplicación en Google Chrome v4 no controlan correctamente el :visited pseudo-classe, lo que permite a atacantes remotos obtener información sensible acerca de las páginas web visitadas a través de un documento HTML manipulado. NOTA: esto puede solaparse con CVE-2010-2264. • http://w2spconf.com/2010/papers/p26.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •