CVE-2011-2787
https://notcve.org/view.php?id=CVE-2011-2787
Google Chrome before 13.0.782.107 does not properly address re-entrancy issues associated with the GPU lock, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Google Chrome en versiones anteriores a la 13.0.782.107 no gestiona adecuadamente operaciones de re-entrada asociados con la salvaguarda ("lock") GPU, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de vectores sin especificar. • http://code.google.com/p/chromium/issues/detail?id=84805 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74237 https://exchange.xforce.ibmcloud.com/vulnerabilities/68949 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14533 • CWE-20: Improper Input Validation •
CVE-2011-2803
https://notcve.org/view.php?id=CVE-2011-2803
Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anterior a v13.0.782.10, no maneja adecuadamente las rutas Skia, esto permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites), a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=88827 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74254 https://exchange.xforce.ibmcloud.com/vulnerabilities/68965 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14333 • CWE-125: Out-of-bounds Read •
CVE-2011-2786
https://notcve.org/view.php?id=CVE-2011-2786
Google Chrome before 13.0.782.107 does not ensure that the speech-input bubble is shown on the product's screen, which might make it easier for remote attackers to make audio recordings via a crafted web page containing an INPUT element. Google Chrome anterior a v13.0.782.107 no asegura que la entrada de expresiones en bubble esé caída en los productos de pantalla, lo que permite hacer más fácil para atacantes remotos hacer grabaciones de audio a través de páginas web manipuladas que contiene un elemento INPUT. • http://code.google.com/p/chromium/issues/detail?id=84600 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74236 https://exchange.xforce.ibmcloud.com/vulnerabilities/68948 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14331 • CWE-20: Improper Input Validation •
CVE-2011-2789
https://notcve.org/view.php?id=CVE-2011-2789
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to instantiation of the Pepper plug-in. Vulnerabilidad de tipo "usar después de liberar" en Google Chrome en versiones anteriores a la 13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o tener otro impacto sin especificar a través de vectores relacionados con la instanciación del complemento Pepper. • http://code.google.com/p/chromium/issues/detail?id=85808 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74239 https://exchange.xforce.ibmcloud.com/vulnerabilities/68951 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14751 • CWE-416: Use After Free •
CVE-2011-2797
https://notcve.org/view.php?id=CVE-2011-2797
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching. Vulnerabilidad use-after-free en Google Chrome anterior a v13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores relacionados con recursos de caché. • http://code.google.com/p/chromium/issues/detail?id=87729 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74247 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb • CWE-416: Use After Free •