CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-1804
https://notcve.org/view.php?id=CVE-2011-1804
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." rendering/RenderBox.cpp en WebCore en WebKit anteriores a r86862, tal como se usa en Google Chrome anterior a v11.0.696.71, no gestionan de forma adecuada los números flotantes, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que llevan a un "puntero viejo". • http://code.google.com/p/chromium/issues/detail?id=82546 http://codereview.chromium.org/7050016 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html http://trac.webkit.org/changeset/86862 http://www.securityfocus.com/bid/47965 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13992 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1807
https://notcve.org/view.php?id=CVE-2011-1807
Google Chrome before 11.0.696.71 does not properly handle blobs, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger an out-of-bounds write. Google Chrome anterior a v11.0.696.71 no controla correctamente las "blobs", lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados que provocan una escritura fuera del límite. • http://code.google.com/p/chromium/issues/detail?id=82903 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html http://www.securityfocus.com/bid/47963 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14471 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2011-1799
https://notcve.org/view.php?id=CVE-2011-1799
Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome con anterioridad a v11.0.696.68 no realiza correctamente los conversión de las variables durante la interacción con el motor WebKit, que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=64046 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html http://www.debian.org/security/2011/dsa-2245 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14029 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1800
https://notcve.org/view.php?id=CVE-2011-1800
Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Múltiples desbordamientos de enteros en la implementación de los filtros SVG del WebCore en el Webkit de Google Chrome con anterioridad a v11.0.696.68 permite a los atacantes remotos a provocar una denegación del servicio o posiblemente causar otros impactos mediante vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=80608 http://codereview.chromium.org/6949013 http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html http://trac.webkit.org/changeset/85996 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14187 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2075
https://notcve.org/view.php?id=CVE-2011-2075
Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en Google Chrome versión 11.0.696.65 en Windows 7 SP1, permite a atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos. NOTA: a partir del 10-05-2011, la única divulgación es un aviso vago que posiblemente se relaciona con múltiples vulnerabilidades o múltiples productos. • http://www.securityfocus.com/bid/47771 http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php http://www.youtube.com/watch?v=c8cQ0yU89sk https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14099 •