CVE-2011-2841 – Google Chrome < 14.0.835.163 - '.pdf' File Handling Memory Corruption
https://notcve.org/view.php?id=CVE-2011-2841
Google Chrome before 14.0.835.163 does not properly perform garbage collection during the processing of PDF documents, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Google Chrome antes de la v14.0.835.163 no realiza correctamente la recolección de basura durante la tramitación de documentos PDF, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento elaborado para ese fin. • https://www.exploit-db.com/exploits/17929 http://code.google.com/p/chromium/issues/detail?id=78639 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75541 http://securityreason.com/securityalert/8411 https://exchange.xforce.ibmcloud.com/vulnerabilities/69868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14019 • CWE-20: Improper Input Validation •
CVE-2011-2838
https://notcve.org/view.php?id=CVE-2011-2838
Google Chrome before 14.0.835.163 does not properly consider the MIME type during the loading of a plug-in, which has unspecified impact and remote attack vectors. Google Chrome antes de v14.0.835.163 no considera de forma correcta el tipo MIME durante la carga de un plug-in, lo que tiene un impacto no especificado y vectores de ataque remotos. • http://code.google.com/p/chromium/issues/detail?id=75070 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75539 https://exchange.xforce.ibmcloud.com/vulnerabilities/69865 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14261 • CWE-20: Improper Input Validation •
CVE-2011-2854
https://notcve.org/view.php?id=CVE-2011-2854
Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing." Vulnerabilidad de uso después de liberación en Google Chrome antes de v14.0.835.163 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores relacionados con "el manejo del estilo ruby/table." • http://code.google.com/p/chromium/issues/detail?id=92651 http://code.google.com/p/chromium/issues/detail?id=94800 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/75556 http://secunia.com/advisories/48274 http://secunia • CWE-416: Use After Free •
CVE-2011-2837
https://notcve.org/view.php?id=CVE-2011-2837
Google Chrome before 14.0.835.163 on Linux does not use the PIC and PIE compiler options for position-independent code, which has unspecified impact and attack vectors. Google Chrome en Linux antes de la v14.0.835.163 no utiliza el PIC y las opciones del compilador para PIE para código de posición independiente, que tiene un impacto no especificado y vectores de ataque. • http://code.google.com/p/chromium/issues/detail?id=57908 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75538 https://exchange.xforce.ibmcloud.com/vulnerabilities/69864 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14139 •
CVE-2011-2875
https://notcve.org/view.php?id=CVE-2011-2875
Google V8, as used in Google Chrome before 14.0.835.163, does not properly perform object sealing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." Google V8, como el usado en Google Chrome antes de la v14.0.835.163, no realiza adecuadamente el sellado de objetos, el cual permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores que aprovechan la "confusión de tipo." (type confusion) • http://code.google.com/p/chromium/issues/detail?id=95920 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75554 https://exchange.xforce.ibmcloud.com/vulnerabilities/69893 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14229 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •