CVSS: 6.8EPSS: 2%CPEs: 4EXPL: 0CVE-2011-1204
https://notcve.org/view.php?id=CVE-2011-1204
Google Chrome before 10.0.648.127 does not properly handle attributes, which allows remote attackers to cause a denial of service (DOM tree corruption) or possibly have unspecified other impact via a crafted document. Google Chrome anterior a v10.0.648.127 no controla correctamente los atributos, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción del árbol DOM) o tener un impacto no especificado a través de un documento hecho a mano. • http://code.google.com/p/chromium/issues/detail?id=74030 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www.secu • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-1201
https://notcve.org/view.php?id=CVE-2011-1201
The context implementation in WebKit, as used in Google Chrome before 10.0.648.127, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." La implementación en contexto en WebKit, como se usa en Google Chrome anterior a v10.0.648.127, permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que dan lugar a un "stale pointer." • http://code.google.com/p/chromium/issues/detail?id=73196 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65965 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14089 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-1199
https://notcve.org/view.php?id=CVE-2011-1199
Google Chrome before 10.0.648.127 does not properly handle DataView objects, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v10.0.648.127 no maneja correctamente los objetos DataView, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=73066 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65963 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14584 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2011-1191
https://notcve.org/view.php?id=CVE-2011-1191
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of DOM URLs. Vulnerabilidad de "usar después de liberar" en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores relacionados con el manejo de URLs DOM. • http://code.google.com/p/chromium/issues/detail?id=70442 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65955 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14765 • CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2011-1194
https://notcve.org/view.php?id=CVE-2011-1194
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos eludir el bloqueador de ventanas emergentes (pop-up blocker) a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=70885 http://code.google.com/p/chromium/issues/detail?id=71167 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65958 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14461 •