CVE-2011-3897 – WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3897
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the library attempts to replace a particular element due to an HTML5 ContentEditable command. Because the library does not account for DOM mutation events that can be made to occur, an attacker can modify the tree out from underneath the library, leading to a type change.
• http://code.google.com/p/chromium/issues/detail?id=102242
• http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html
• http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html
• http://secunia.com/advisories/46933
• http://secunia.com/advisories/48274
• http://secunia.com/advisories/48288
• http://secunia.com/advisories/4
• CWE-416: Use After Free
CVE-2011-2830
https://notcve.org/view.php?id=CVE-2011-2830
Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
• http://code.google.com/p/chromium/issues/detail?id=76771
• http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14336
CVE-2011-3640
https://notcve.org/view.php?id=CVE-2011-3640
** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."
• http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html
• http://code.google.com/p/chromium/issues/detail?id=97426
• http://securityreason.com/securityalert/8483
• https://bugzilla.mozilla.org/show_bug.cgi?id=641052
• https://hermes.opensuse.org/messages/13154861
• https://hermes.opensuse.org/messages/13155432
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13414
• CWE-426: Untrusted Search Path
CVE-2011-3880
https://notcve.org/view.php?id=CVE-2011-3880
Google Chrome before 15.0.874.102 does not prevent use of an unspecified special character as a delimiter in HTTP headers, which has unknown impact and remote attack vectors.
• http://code.google.com/p/chromium/issues/detail?id=95992
• http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/70958
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12672
• CWE-20: Improper Input Validation
CVE-2011-3879
https://notcve.org/view.php?id=CVE-2011-3879
Google Chrome before 15.0.874.102 does not prevent redirects to chrome: URLs, which has unspecified impact and remote attack vectors.
• http://code.google.com/p/chromium/issues/detail?id=95374
• http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/70957
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13246