CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2850
https://notcve.org/view.php?id=CVE-2011-2850
Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v14.0.835.163, no maneja adecuadamente los caracteres Khmer, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=90134 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75551 https://exchange.xforce.ibmcloud.com/vulnerabilities/69877 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14710 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-2860
https://notcve.org/view.php?id=CVE-2011-2860
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles. Vulnerabilidad de tipo "usar-después-de-liberar" en Google Chrome antes de la v14.0.835.163 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con estilos de tabla. • http://code.google.com/p/chromium/issues/detail?id=93587 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/75562 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 htt • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2835
https://notcve.org/view.php?id=CVE-2011-2835
Race condition in Google Chrome before 14.0.835.163 allows attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the certificate cache. Condición de carrera en Google Chrome antes de la v14.0.835.163, permite a atacantes provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el caché de certificados. • http://code.google.com/p/chromium/issues/detail?id=49377 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75536 https://exchange.xforce.ibmcloud.com/vulnerabilities/69862 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14234 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 8%CPEs: 1EXPL: 1CVE-2011-2841 – Google Chrome < 14.0.835.163 - '.pdf' File Handling Memory Corruption
https://notcve.org/view.php?id=CVE-2011-2841
Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Google Chrome antes de la v14.0.835.163 no realiza correctamente la recolección de basura durante la tramitación de documentos PDF, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento elaborado para ese fin. • https://www.exploit-db.com/exploits/17929 http://code.google.com/p/chromium/issues/detail?id=78639 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75541 http://securityreason.com/securityalert/8411 https://exchange.xforce.ibmcloud.com/vulnerabilities/69868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14019 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2856
https://notcve.org/view.php?id=CVE-2011-2856
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Google V8, como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos eludir la "Same Origin Policy" a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=93416 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75558 https://exchange.xforce.ibmcloud.com/vulnerabilities/69883 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14262 • CWE-346: Origin Validation Error •