CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2011-2875
https://notcve.org/view.php?id=CVE-2011-2875
Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, como el usado en Google Chrome antes de la v14.0.835.163, no realiza adecuadamente el sellado de objetos, el cual permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que aprovechan la "confusión de tipo." (type confusion) • http://code.google.com/p/chromium/issues/detail?id=95920 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75554 https://exchange.xforce.ibmcloud.com/vulnerabilities/69893 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14229 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2840
https://notcve.org/view.php?id=CVE-2011-2840
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to "unusual user interaction." Google Chrome antes de v14.0.835.163 permite falsificar la barra de URL a atacantes remotos, con la ayuda de usuarios locales, a través de vectores relacionados con "una interacción inusual del usuario". • http://code.google.com/p/chromium/issues/detail?id=78427 http://code.google.com/p/chromium/issues/detail?id=83031 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75546 https://exchange.xforce.ibmcloud.com/vulnerabilities/69867 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14491 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2848
https://notcve.org/view.php?id=CVE-2011-2848
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button. Google Chrome antes de v14.0.835.163 permite falsificar la barra de URL a atacantes remotos, con la ayuda de usuarios locales, a través de vectores relacionados con el botón de avance. • http://code.google.com/p/chromium/issues/detail?id=89564 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75548 https://exchange.xforce.ibmcloud.com/vulnerabilities/69874 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13915 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2861
https://notcve.org/view.php?id=CVE-2011-2861
Google Chrome before 14.0.835.163 does not properly handle strings in PDF documents, which allows remote attackers to have an unspecified impact via a crafted document that triggers an incorrect read operation. Google Chrome antes de v14.0.835.163, maneja adecuadamente las cadenas en documentos PDF, lo que permite a atacantes remotos tener un impacto no especificado a través de un documento modificado que dispara una operación de lectura incorrecta. • http://code.google.com/p/chromium/issues/detail?id=93596 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75563 https://exchange.xforce.ibmcloud.com/vulnerabilities/69888 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14677 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 4%CPEs: 10EXPL: 0CVE-2011-2834 – libxml2: double-free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2834
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de doble liberación en libxml2, tal y como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=93472 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://osvdb.org/75560 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://support.apple.com/kb/HT5281 http://support. • CWE-415: Double Free •