CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2075
https://notcve.org/view.php?id=CVE-2011-2075
Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en Google Chrome versión 11.0.696.65 en Windows 7 SP1, permite a atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos. NOTA: a partir del 10-05-2011, la única divulgación es un aviso vago que posiblemente se relaciona con múltiples vulnerabilidades o múltiples productos. • http://www.securityfocus.com/bid/47771 http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php http://www.youtube.com/watch?v=c8cQ0yU89sk https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14099 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1434
https://notcve.org/view.php?id=CVE-2011-1434
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v11.0.696.57 no garantiza la seguridad de los subprocesos durante la manipulación de datos MIME, permitiendo a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=71586 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14196 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1437
https://notcve.org/view.php?id=CVE-2011-1437
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering. Múltiples desbordamientos de entero en Google Chrome anterior a v11.0.696.57 permite generar una denegación de servicio o tener un impacto no especificado a través de vectores relacionados con el float rendering • http://code.google.com/p/chromium/issues/detail?id=73526 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67144 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14601 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2011-1451
https://notcve.org/view.php?id=CVE-2011-1451
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." Google Chrome antes de v11.0.696.57 no controla correctamente los mapas DOM Id, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a "dangling pointers". • http://code.google.com/p/chromium/issues/detail?id=77463 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 https://exchange. • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1454
https://notcve.org/view.php?id=CVE-2011-1454
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. Vulnerabilidad de uso después de liberación en el manejador de funcionalidad DOM Id en Google Chrome antes de v11.0.696.57 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento HTML. • http://code.google.com/p/chromium/issues/detail?id=79199 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67160 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14469 • CWE-416: Use After Free •