CVE-2011-3894
https://notcve.org/view.php?id=CVE-2011-3894
Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. Google Chrome anteriores a v15.0.874.120 no realiza bién la decodificación VP8, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de una corriente a mano. • http://code.google.com/p/chromium/issues/detail?id=101172 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-3896
https://notcve.org/view.php?id=CVE-2011-3896
Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. Desbordamiento de búfer en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el sombreado de la cartografía variable. • http://code.google.com/p/chromium/issues/detail?id=101624 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14423 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2011-3895
https://notcve.org/view.php?id=CVE-2011-3895
Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. Desbordamiento de búfer basado en memoria dinámica en el decodificador de Vorbis en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un stream manipulado. • http://code.google.com/p/chromium/issues/detail?id=101458 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 http://secunia.com/advisories/49089 http://www.debian.org/security/2012/dsa-2471 http://www.mandriva.com/security/advisories?name=MDVSA-2012:074 http://www.mandriva.com/security/advisories?name=MDVSA-2012:075 http://www.mandriva.com/security/advisories?name=MDVSA-2012:076 https://oval.cisecurity.org/repository/search/de • CWE-787: Out-of-bounds Write •
CVE-2011-3892
https://notcve.org/view.php?id=CVE-2011-3892
Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. Vulnerabilidad de doble liberación en el decodificador de Theora en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de una cadena manipulada. • http://code.google.com/p/chromium/issues/detail?id=100465 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 http://secunia.com/advisories/49089 http://www.debian.org/security/2012/dsa-2471 http://www.mandriva.com/security/advisories?name=MDVSA-2012:075 http://www.mandriva.com/security/advisories?name=MDVSA-2012:076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484 • CWE-415: Double Free •
CVE-2011-3898
https://notcve.org/view.php?id=CVE-2011-3898
Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. Google Chrome anterior a v15.0.874.120, cuando se usa Java Runtime Environment (JRE) 7, no pide confirmación al usuario antes de la ejecución de que el applet se inicie, lo que permite a atacantes remotos tener un impacto no especificado a través de un applet diseñado para ello. • http://code.google.com/p/chromium/issues/detail?id=102461 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14266 • CWE-269: Improper Privilege Management •