CVE-2011-2847
https://notcve.org/view.php?id=CVE-2011-2847
Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. Vulnerabilidad de tipo "usar-después-de-liberar" en el cargador de documentos en Google Chrome antes de la v14.0.835.163 permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento preparado para ese fin. • http://code.google.com/p/chromium/issues/detail?id=89330 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://osvdb.org/75547 http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 htt • CWE-416: Use After Free •
CVE-2011-2858
https://notcve.org/view.php?id=CVE-2011-2858
Google Chrome before 14.0.835.163 does not properly handle triangle arrays, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v14.0.835.163, no maneja adecuadamente matrices de triángulo, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=95625 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75566 https://exchange.xforce.ibmcloud.com/vulnerabilities/69891 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14592 • CWE-125: Out-of-bounds Read •
CVE-2011-2856
https://notcve.org/view.php?id=CVE-2011-2856
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Google V8, como se usa en Google Chrome antes de v14.0.835.163, permite a atacantes remotos eludir la "Same Origin Policy" a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=93416 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75558 https://exchange.xforce.ibmcloud.com/vulnerabilities/69883 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14262 • CWE-346: Origin Validation Error •
CVE-2011-2840
https://notcve.org/view.php?id=CVE-2011-2840
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to "unusual user interaction." Google Chrome antes de v14.0.835.163 permite falsificar la barra de URL a atacantes remotos, con la ayuda de usuarios locales, a través de vectores relacionados con "una interacción inusual del usuario". • http://code.google.com/p/chromium/issues/detail?id=78427 http://code.google.com/p/chromium/issues/detail?id=83031 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75546 https://exchange.xforce.ibmcloud.com/vulnerabilities/69867 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14491 • CWE-20: Improper Input Validation •
CVE-2011-2848
https://notcve.org/view.php?id=CVE-2011-2848
Google Chrome before 14.0.835.163 allows user-assisted remote attackers to spoof the URL bar via vectors related to the forward button. Google Chrome antes de v14.0.835.163 permite falsificar la barra de URL a atacantes remotos, con la ayuda de usuarios locales, a través de vectores relacionados con el botón de avance. • http://code.google.com/p/chromium/issues/detail?id=89564 http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_16.html http://osvdb.org/75548 https://exchange.xforce.ibmcloud.com/vulnerabilities/69874 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13915 • CWE-20: Improper Input Validation •