CVSS: 9.3EPSS: 13%CPEs: 4EXPL: 0CVE-2011-2825 – Webkit fontface Invalid Font Family Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2825
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. Vulnerabilidad de uso después de la liberación en Google Chrome v13.0.782.215, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario mediante las fuentes personalizadas. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing and utilization of font objects. When the code parses the @font-face CSS element it does not validate that the font-family is legitimate. • http://code.google.com/p/chromium/issues/detail?id=88670 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com& • CWE-416: Use After Free •
CVSS: 5.8EPSS: 0%CPEs: 59EXPL: 0CVE-2008-7294
https://notcve.org/view.php?id=CVE-2008-7294
Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. Google Chrome en versiones anteriors a la 4.0.211.0 no restringe apropiadamente las modificaciones a las cookies establecidas en las sesiones HTTPS, lo que facilita a atacantes "man-in-the-middle" sobreescribir o borrar cookies arbitrarias a través de una cabecera Set-Cookie en una respuesta HTTP, relacionado con una fallo en la funcionalidad HTTP Strict Transport Security (HSTS) includeSubDomains. También conocido como un problema "cookie forcing". • http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies http://lists.w3.org/Archives/Public/public-webapps/2009JulSep/1148.html http://michael-coates.blogspot.com/2010/01/cookie-forcing-trust-your-cookies-no.html http://scarybeastsecurity.blogspot.com/2008/11/cookie-forcing.html http://scarybeastsecurity.blogspot.com/2011/02/some-less-obvious-benefits-of-hsts.html https://bugzilla.mozilla.org/show_bug.cgi?id=660053 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2802
https://notcve.org/view.php?id=CVE-2011-2802
Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. Google V8, como se usa en Google Chrome antes de la v13.0.782.107, no realizar bien las búsquedas constantes y permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de un sitio web diseñado. • http://code.google.com/p/chromium/issues/detail?id=88591 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74253 https://exchange.xforce.ibmcloud.com/vulnerabilities/68964 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14236 • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2784
https://notcve.org/view.php?id=CVE-2011-2784
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos obtener información sensible a través de una solicitud de registro del programa GL, lo que revela una ruta local en una entrada de registro especificado. • http://code.google.com/p/chromium/issues/detail?id=83841 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74234 https://exchange.xforce.ibmcloud.com/vulnerabilities/68946 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14580 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2794
https://notcve.org/view.php?id=CVE-2011-2794
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anterior a v13.0.782.107 no desarrolla adecuadamente iteraciones de texto, lo que permite a atacantes remotos provocar una denegación de servicio a través de (lectura fuera de límites)vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=87298 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74244 https://exchange.xforce.ibmcloud.com/vulnerabilities/68956 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14515 • CWE-125: Out-of-bounds Read •