Page 607 of 3368 results (0.025 seconds)

CVSS: 6.8EPSS: 1%CPEs: 3EXPL: 0

Google Chrome before 13.0.782.107 allows remote attackers to bypass the Same Origin Policy via vectors related to handling of the base URI. Google Chrome anterior a v13.0.782.107 permite a atacantes remotos evitar la política del mismo origen (Same Origin Policy)a través de vectores relacionado con el manejo de la URI. • http://code.google.com/p/chromium/issues/detail?id=90222 http://googlechromereleases.blogspot.com/2011/08/stable-channel-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://osvdb.org/74258 http://support.apple.com/kb/HT4999 http://support.apple.com/kb/HT5000 https://exchange.xforce.ibmcloud.com/vulnerabilities/68969 https://oval.cisecurity.org/repository/search/definition •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 1

Google Chrome 14.0.794.0 does not properly handle a reload of a page generated in response to a POST, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web site, related to GetWidget methods. Google Chrome v14.0.794.0 no controla correctamente la recarga de una página generada en respuesta a un POST, que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación ) a través de un sitio web manipulado, en relación con los métodos GetWidget. • http://code.google.com/p/chromium/issues/detail?id=86119 http://codereview.chromium.org/7189019 http://googlechromereleases.blogspot.com/2011/06/dev-channel-update_16.html http://src.chromium.org/viewvc/chrome?view=rev&revision=89409 https://exchange.xforce.ibmcloud.com/vulnerabilities/68857 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13889 • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

Google Chrome 11 does not block use of a cross-domain image as a WebGL texture, which allows remote attackers to obtain approximate copies of arbitrary images via a timing attack involving a crafted WebGL fragment shader. Google Chrome v11 no bloquea el uso de una imagen de varios dominios (cross-domain) como una textura WebGL, lo que permite a atacantes remotos obtener copias aproximadas de imágenes arbitrarias mediante un ataque de oportunidad que implica un fragmento WebGL manipulado. • http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2011-March/030882.html http://www.contextis.co.uk/resources/blog/webgl https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14183 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 4%CPEs: 4EXPL: 0

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements. Vulnerabilidad de uso después de liberación (use-after-free) en Google Chrome v12.0.742.112 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que implican el uso de elementos SVG. • http://code.google.com/p/chromium/issues/detail?id=85211 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html http://secunia.com/advisories/45097 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://support& • CWE-416: Use After Free •

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts. Vulnerabilidad use-after-free en Google Chrome antes de v12.0.742.112 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores que impliquen fuentes SVG. • http://code.google.com/p/chromium/issues/detail?id=84355 http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html http://secunia.com/advisories/45097 http://www.securitytracker.com/id?1025730 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14103 • CWE-416: Use After Free •