CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2802
https://notcve.org/view.php?id=CVE-2011-2802
Google V8, as used in Google Chrome before 13.0.782.107, does not properly perform const lookups, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted web site. Google V8, como se usa en Google Chrome antes de la v13.0.782.107, no realizar bien las búsquedas constantes y permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de un sitio web diseñado. • http://code.google.com/p/chromium/issues/detail?id=88591 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74253 https://exchange.xforce.ibmcloud.com/vulnerabilities/68964 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14236 • CWE-20: Improper Input Validation •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2784
https://notcve.org/view.php?id=CVE-2011-2784
Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos obtener información sensible a través de una solicitud de registro del programa GL, lo que revela una ruta local en una entrada de registro especificado. • http://code.google.com/p/chromium/issues/detail?id=83841 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74234 https://exchange.xforce.ibmcloud.com/vulnerabilities/68946 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14580 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2794
https://notcve.org/view.php?id=CVE-2011-2794
Google Chrome before 13.0.782.107 does not properly perform text iteration, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anterior a v13.0.782.107 no desarrolla adecuadamente iteraciones de texto, lo que permite a atacantes remotos provocar una denegación de servicio a través de (lectura fuera de límites)vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=87298 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74244 https://exchange.xforce.ibmcloud.com/vulnerabilities/68956 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14515 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0CVE-2011-2819
https://notcve.org/view.php?id=CVE-2011-2819
Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos evitar la política del mismo origen (Same Origin Policy)a través de vectores relacionado con el manejo de la URI. • http://code.google.com/p/chromium/issues/detail?id=90222 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74258 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 https://exchange.xforce.ibmcloud.com/vulnerabilities/68969 https://oval.cisecurity.org/repository/search/definition •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2785
https://notcve.org/view.php?id=CVE-2011-2785
The extensions implementation in Google Chrome before 13.0.782.107 does not properly validate the URL for the home page, which allows remote attackers to have an unspecified impact via a crafted extension. La implementación de extensiones de Google Chrome anterior a v13.0.782.107 no valida correctamente la dirección URL de la página principal, lo que permite a atacantes remotos tener un impacto no especificado a través de una extensión manipulada. • http://code.google.com/p/chromium/issues/detail?id=84402 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74235 https://exchange.xforce.ibmcloud.com/vulnerabilities/68947 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14298 • CWE-20: Improper Input Validation •