CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2829
https://notcve.org/view.php?id=CVE-2011-2829
Integer overflow in Google Chrome before 13.0.782.215 on 32-bit platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving uniform arrays. Desbordamiento de entero en Google Chrome anterior a v13.0.782.215 en plataformas de 32-bit permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto desconocido a través de vectores que envuelven arrays uniforme. • http://code.google.com/p/chromium/issues/detail?id=91598 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14516 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 3%CPEs: 4EXPL: 0CVE-2011-2827
https://notcve.org/view.php?id=CVE-2011-2827
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching. Vulnerabilidad de uso después de la liberación en Google Chrome v13.0.782.215, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario mediante vectores relacionados con la búsqueda de texto. • http://code.google.com/p/chromium/issues/detail?id=90668 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 https://oval • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2828
https://notcve.org/view.php?id=CVE-2011-2828
Google V8, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write. Google V8, como se usa en Google Chrome antes de 13.0.782.215, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que provocan una escritura fuera de los límites. • http://code.google.com/p/chromium/issues/detail?id=91517 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14265 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 0CVE-2011-2821 – libxml2: double free caused by malformed XPath expression in XSLT
https://notcve.org/view.php?id=CVE-2011-2821
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. Doble vulnerabilidad libre en libxml2, como se usa en Google Chrome antes de v13.0.782.215, permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de una expresión XPath manipulada. • http://code.google.com/p/chromium/issues/detail?id=89402 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://rhn.redhat.com/errata/RHSA-2013-0217.html http://support.apple.com/kb/HT5281 http://support.apple.com/kb/HT5503 http:&#x • CWE-415: Double Free CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 9.3EPSS: 13%CPEs: 4EXPL: 0CVE-2011-2825 – Webkit fontface Invalid Font Family Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-2825
Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts. Vulnerabilidad de uso después de la liberación en Google Chrome v13.0.782.215, permite a atacantes remotos producir una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario mediante las fuentes personalizadas. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing and utilization of font objects. When the code parses the @font-face CSS element it does not validate that the font-family is legitimate. • http://code.google.com/p/chromium/issues/detail?id=88670 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html http://secunia.com/advisories/48274 http://secunia.com/advisories/48288 http://secunia.com/advisories/48377 http://www.securitytracker.com& • CWE-416: Use After Free •