CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2011-1194
https://notcve.org/view.php?id=CVE-2011-1194
Multiple unspecified vulnerabilities in Google Chrome before 10.0.648.127 allow remote attackers to bypass the pop-up blocker via unknown vectors. Múltiples vulnerabilidades no especificadas en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos eludir el bloqueador de ventanas emergentes (pop-up blocker) a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=70885 http://code.google.com/p/chromium/issues/detail?id=71167 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65958 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14461 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1193
https://notcve.org/view.php?id=CVE-2011-1193
Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Google V8, tal como se usa en Google Chrome anterior a v10.0.648.127, permite a atacantes remotos eludir la "política del mismo origen" (Same Origin Policy) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=70877 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65957 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14035 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2011-1195
https://notcve.org/view.php?id=CVE-2011-1195
Use-after-free vulnerability in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "document script lifetime handling." Vulnerabilidad de "usar después de liberar" (Use-after-free) en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores relacionados con "document script lifetime handling" • http://code.google.com/p/chromium/issues/detail?id=71763 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65959 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14575 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2011-1202 – libxslt: Heap address leak in XLST
https://notcve.org/view.php?id=CVE-2011-1202
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function. Vulnerabilidad no especificada en la implementación XSLT en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos obtener información sensible acerca de las direcciones de memoria en el montón mediante vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=73716 http://downloads.avaya.com/css/P8/documents/100144158 http://git.gnome.org/browse/libxslt/commit/?id=ecb6bcb8d1b7e44842edde3929f412d46b40c89f http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://scarybeastsecurity.blogspot.com/2011/03/multi-browser-heap-address-leak-in-xslt.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mandriva.com/security/advisories?name=MDVSA-2012:164 http://www& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 1CVE-2011-1198
https://notcve.org/view.php?id=CVE-2011-1198
The video functionality in Google Chrome before 10.0.648.127 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger use of a malformed "out-of-bounds structure." La funcionalidad de vídeo en Google Chrome anterior a v10.0.648.127 permite a atacantes remotos provocar una denegación de servicio o tener un impacto no especificado a través de vectores desconocidos que generan el uso de una estructura "out-of-bounds" incorrecta. • http://code.google.com/p/chromium/issues/detail?id=73026 http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html http://www.securityfocus.com/bid/46785 http://www.vupen.com/english/advisories/2011/0628 https://exchange.xforce.ibmcloud.com/vulnerabilities/65962 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14555 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •