CVSS: 6.8EPSS: 1%CPEs: 2EXPL: 0CVE-2011-3886
https://notcve.org/view.php?id=CVE-2011-3886
Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers out-of-bounds write operations. Google V8, tal como se utiliza en Google Chrome en versiones anteriores a la 15.0.874.102, permite a atacantes remotos provocar una denegación de servicio o posiblemente realizar otras acciones sin especificar a través de código JavaScript modificado que provoca operaciones de escritura fuera de los límites. • http://code.google.com/p/chromium/issues/detail?id=98773 http://code.google.com/p/chromium/issues/detail?id=99167 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html https://exchange.xforce.ibmcloud.com/vulnerabilities/70964 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13201 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3876
https://notcve.org/view.php?id=CVE-2011-3876
Google Chrome before 15.0.874.102 does not properly handle downloading files that have whitespace characters at the end of a filename, which has unspecified impact and user-assisted remote attack vectors. Google Chrome en versiones anteriores a la 15.0.874.102 no maneja apropiadamente la descarga de ficheros que tienen espacios en blanco al final del nombre de fichero, lo que tiene un impacto sin especificar y vectores de ataque remotos asistidos por el usuario. • http://code.google.com/p/chromium/issues/detail?id=90217 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html https://exchange.xforce.ibmcloud.com/vulnerabilities/70954 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13042 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3890
https://notcve.org/view.php?id=CVE-2011-3890
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to video source handling. Vulnerabilidad de tipo "usar después de liberar" ("use-after-free") en Google Chrome en versiones anteriores a la 15.0.874.102 permite a atacantes remotos provocar una denegación de servicio o posiblemente realizar otras acciones a través de vectores relacionados con el manejo de fuentes de video. • http://code.google.com/p/chromium/issues/detail?id=99553 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html https://exchange.xforce.ibmcloud.com/vulnerabilities/70968 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12286 • CWE-416: Use After Free •
CVSS: 6.8EPSS: 7%CPEs: 4EXPL: 0CVE-2011-3888
https://notcve.org/view.php?id=CVE-2011-3888
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. Vulnerabilidad de tipo "usar después de liberar" (use-after-free) en Google Chrome en versiones anteriores a la 15.0.874.102. Permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio o posiblemente tener otro impacto sin especificar a través de vectores relacionados con operaciones de edicion junto con complementos ("plug-ins") desconocidos. • http://code.google.com/p/chromium/issues/detail?id=99138 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com/id • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3878
https://notcve.org/view.php?id=CVE-2011-3878
Race condition in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker process initialization. Condición de carrera en Google Chrome en versiones anteriores a la 15.0.874.102 permite a atacantes remotos provocar una denegación de servicio o posiblemente realizar otras acciones sin especificar a través de vectores relacionados con la inicialización de procesos ("worker process initialization"). • http://code.google.com/p/chromium/issues/detail?id=94487 http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html https://exchange.xforce.ibmcloud.com/vulnerabilities/70956 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12811 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •