CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2011-1185
https://notcve.org/view.php?id=CVE-2011-1185
Google Chrome before 10.0.648.127 does not prevent (1) navigation and (2) close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors. Google Chrome en versiones anteriores a la 10.0.648.127 no previene (1) la navegación y (2) operaciones de cierre en la localización superior de un frame que se ejecuta en una sandbox, lo que tiene un impacto sin especificar y vectores de ataque remotos. • http://code.google.com/p/chromium/issues/detail?id=42574 http://code.google.com/p/chromium/issues/detail?id=42765 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65948 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14349 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1197
https://notcve.org/view.php?id=CVE-2011-1197
Google Chrome before 10.0.648.127 does not properly perform table painting, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome en versiones anteriores a la 10.0.648.127 no realiza apropiadamente la representación gráfica de tablas, lo que permite a atacantes remotos provocar una denegación de servicio o, posiblemente, tener otros impactos sin especificar a través de vectores desconocidos que produzcan un puntero caduco. • http://code.google.com/p/chromium/issues/detail?id=72028 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65961 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14703 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 1CVE-2011-1190
https://notcve.org/view.php?id=CVE-2011-1190
The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an "error message leak." La implementación de Web Workers en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos evitar la "política del mismo origen" (Same Origin Policy) a través de vectores no especificados, relacionados con un "error message leak". • http://code.google.com/p/chromium/issues/detail?id=70336 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4999 http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vul • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2011-1203
https://notcve.org/view.php?id=CVE-2011-1203
Google Chrome before 10.0.648.127 does not properly handle SVG cursors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome anterior a v10.0.648.127 no maneja correctamente cursores SVG, lo que permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que dan lugar a un "stale pointer". • http://code.google.com/p/chromium/issues/detail?id=73746 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://support.apple.com/kb/HT4808 http://support.apple.com/kb/HT4981 http://support.apple.com/kb/HT4999 http://www.secu •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1189
https://notcve.org/view.php?id=CVE-2011-1189
Google Chrome before 10.0.648.127 does not properly perform box layout, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." Google Chrome anterior a v10.0.648.127 no realiza correctamente el diseño del cuadro, permitiendo a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que dan lugar a un "stale node." • http://code.google.com/p/chromium/issues/detail?id=70027 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65953 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14370 •