CVSS: 6.8EPSS: 4%CPEs: 10EXPL: 0CVE-2011-2834 – libxml2: double-free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2834
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de doble liberación en libxml2, tal y como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=93472 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/75560 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://support.apple.com/kb/HT5281 http://support. • CWE-415: Double Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2851
https://notcve.org/view.php?id=CVE-2011-2851
Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de la v14.0.835.163 no controla correctamente vídeos, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de los límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=90173 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75552 https://exchange.xforce.ibmcloud.com/vulnerabilities/69878 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14040 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 6%CPEs: 4EXPL: 0CVE-2011-2847
https://notcve.org/view.php?id=CVE-2011-2847
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad de tipo "usar-después-de-liberar" en el cargador de documentos en Google Chrome antes de la v14.0.835.163 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento preparado para ese fin. • http://code.google.com/p/chromium/issues/detail?id=89330 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/75547 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 htt • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2858
https://notcve.org/view.php?id=CVE-2011-2858
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v14.0.835.163, no maneja adecuadamente matrices de triángulo, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=95625 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75566 https://exchange.xforce.ibmcloud.com/vulnerabilities/69891 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14592 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2849
https://notcve.org/view.php?id=CVE-2011-2849
The WebSockets implementation in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. La implementación de WebSockets en Google Chrome antes de v14.0.835.163, permite a atacantes remotos provocar una denegación de servicio (desreferencia a puntero NULL y caída de la aplicación) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=89795 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75549 https://exchange.xforce.ibmcloud.com/vulnerabilities/69875 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14047 • CWE-476: NULL Pointer Dereference •