CVE-2011-2799
https://notcve.org/view.php?id=CVE-2011-2799
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling. Vulnerabilidad use-after-free en Google Chrome anterior a v13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores relacionados con el manejo de HTML. • http://code.google.com/p/chromium/issues/detail?id=87925 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74250 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb • CWE-416: Use After Free •
CVE-2011-2818
https://notcve.org/view.php?id=CVE-2011-2818
Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering. Vulnerabilidad de tipo "usar después de liberar" en Google Chrome en versiones anteriores a la 13.0.782.107 permite a atacantes remotos provocar una denegación de servicio o tener otro impacto sin especificar a través de vectores relacionados con la visualización del "display box". • http://code.google.com/p/chromium/issues/detail?id=88889 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74255 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support.apple.com/kb • CWE-416: Use After Free •
CVE-2011-2798
https://notcve.org/view.php?id=CVE-2011-2798
Google Chrome before 13.0.782.107 does not properly restrict access to internal schemes, which allows remote attackers to have an unspecified impact via a crafted web site. Google Chrome anterior a v13.0.782.107 no restringe adecuadamente el acceso a esquemas internos, esto permite a atacantes remotos modificar un sitio web, lo que provocaría un impacto no especificado. • http://code.google.com/p/chromium/issues/detail?id=87815 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74248 https://exchange.xforce.ibmcloud.com/vulnerabilities/68960 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14284 •
CVE-2011-2783
https://notcve.org/view.php?id=CVE-2011-2783
Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension. Google Chrome anterior a v13.0.782.107 no asegura que en modo desarrolador, las instalaciones de extensión NPAPI han sido confirmadas por un cuadro de diálogo del navegador, lo que hace que sea más fácil para los atacantes remotos modificar la funcionalidad del producto a través de una extensión con un troyano. • http://code.google.com/p/chromium/issues/detail?id=83273 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74233 https://exchange.xforce.ibmcloud.com/vulnerabilities/68945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14406 • CWE-20: Improper Input Validation •
CVE-2011-2361
https://notcve.org/view.php?id=CVE-2011-2361
The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site. La implementación del cuadro de diálogo Basic Authentication en Google Chrome anteriores a v13.0.782.107 no controla correctamente las cadenas, lo que podría facilitar a los atacantes remotos a capturar las credenciales a través de un sitio web manipulado. • http://code.google.com/p/chromium/issues/detail?id=79426 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://osvdb.org/74231 https://exchange.xforce.ibmcloud.com/vulnerabilities/68943 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14595 • CWE-287: Improper Authentication •