CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0CVE-2011-2075
https://notcve.org/view.php?id=CVE-2011-2075
Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities or multiple products. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en Google Chrome versión 11.0.696.65 en Windows 7 SP1, permite a atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos. NOTA: a partir del 10-05-2011, la única divulgación es un aviso vago que posiblemente se relaciona con múltiples vulnerabilidades o múltiples productos. • http://www.securityfocus.com/bid/47771 http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php http://www.youtube.com/watch?v=c8cQ0yU89sk https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14099 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1443
https://notcve.org/view.php?id=CVE-2011-1443
Google Chrome before 11.0.696.57 does not properly implement layering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." Google Chrome antes 11.0.696.57 no aplica adecuadamente las capas, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a "stale pointers". • http://code.google.com/p/chromium/issues/detail?id=76001 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67150 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14627 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2011-1435
https://notcve.org/view.php?id=CVE-2011-1435
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension. Google Chrome anterior a v11.0.696.57 no implementa adecuadamente el permiso de las pestañas para las extensiones, permitiendo a atacantes remotos leer archivos locales a través de una extensión manipulada. • http://code.google.com/p/chromium/issues/detail?id=72523 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67142 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586 • CWE-276: Incorrect Default Permissions •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1442
https://notcve.org/view.php?id=CVE-2011-1442
Google Chrome before 11.0.696.57 does not properly handle mutation events, which allows remote attackers to cause a denial of service (node tree corruption) or possibly have unspecified other impact via unknown vectors. Google Chrome antes de v11.0.696.57 no controla correctamente los eventos de mutación, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción del nodo del árbol) o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=75801 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67149 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13808 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-1445
https://notcve.org/view.php?id=CVE-2011-1445
Google Chrome before 11.0.696.57 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome antes de v11.0.696.57 no controla correctamente los documentos SVG, lo que permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=76646 http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html https://exchange.xforce.ibmcloud.com/vulnerabilities/67152 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14557 • CWE-125: Out-of-bounds Read •