Page 586 of 3368 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 15.0.874.120 does not properly perform VP8 decoding, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted stream. Google Chrome anteriores a v15.0.874.120 no realiza bién la decodificación VP8, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de una corriente a mano. • http://code.google.com/p/chromium/issues/detail?id=101172 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14166 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to shader variable mapping. Desbordamiento de búfer en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el sombreado de la cartografía variable. • http://code.google.com/p/chromium/issues/detail?id=101624 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14423 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. Desbordamiento de búfer basado en memoria dinámica en el decodificador de Vorbis en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un stream manipulado. • http://code.google.com/p/chromium/issues/detail?id=101458 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 http://secunia.com/advisories/49089 http://www.debian.org/security/2012/dsa-2471 http://www.mandriva.com/security/advisories?name=MDVSA-2012:074 http://www.mandriva.com/security/advisories?name=MDVSA-2012:075 http://www.mandriva.com/security/advisories?name=MDVSA-2012:076 https://oval.cisecurity.org/repository/search/de • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

Double free vulnerability in the Theora decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream. Vulnerabilidad de doble liberación en el decodificador de Theora en Google Chrome anterior a v15.0.874.120 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de una cadena manipulada. • http://code.google.com/p/chromium/issues/detail?id=100465 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 http://secunia.com/advisories/49089 http://www.debian.org/security/2012/dsa-2471 http://www.mandriva.com/security/advisories?name=MDVSA-2012:075 http://www.mandriva.com/security/advisories?name=MDVSA-2012:076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14484 • CWE-415: Double Free •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 15.0.874.120, when Java Runtime Environment (JRE) 7 is used, does not request user confirmation before applet execution begins, which allows remote attackers to have an unspecified impact via a crafted applet. Google Chrome anterior a v15.0.874.120, cuando se usa Java Runtime Environment (JRE) 7, no pide confirmación al usuario antes de la ejecución de que el applet se inicie, lo que permite a atacantes remotos tener un impacto no especificado a través de un applet diseñado para ello. • http://code.google.com/p/chromium/issues/detail?id=102461 http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html http://secunia.com/advisories/46933 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14266 • CWE-269: Improper Privilege Management •