Page 629 of 3367 results (0.007 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557. Vulnerabilidad uso después de liberación en WebCore en WebKit antes de r77705, tal y como se usa en Google Chrome antes de v11.0.672.2 y otros productos, permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio (caída de la aplicación) o posiblemente tener un impacto no especificado a través de vectores que animan a un usuario a que vuelva a reenviar un formulario, en relación con el manejo inadecuado de los elementos provisionales por el componente HistoryController. Es un problema tambien conocido como rdar 8938557. • http://code.google.com/p/chromium/issues/detail?id=70315 http://googlechromereleases.blogspot.com/2011/02/dev-channel-update_17.html http://trac.webkit.org/changeset/77705 http://www.securityfocus.com/bid/46577 https://bugs.webkit.org/show_bug.cgi?id=52819 https://exchange.xforce.ibmcloud.com/vulnerabilities/65714 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13943 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 1

Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces. Vulnerabilidad de "Usar después de liberar" (Use-after-free)en Google Chrome anterior a v9.0.597.94 permite a atacantes remotos causar una denegación de servicio o tener un impacto no especificado mediante otros vectores que comprenden fuentes SVG. • http://code.google.com/p/chromium/issues/detail?id=68120 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html http://secunia.com/advisories/43342 http://www.securityfocus.com/bid/46262 http://www.srware.net/forum/viewtopic.php?f=18&t=2190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14582 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome anterior a v9.0.597.94 no gestiona correctamente los bloques anónimos, permitiendo a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a un "stale pointer" • http://code.google.com/p/chromium/issues/detail?id=69556 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://secunia.com/advisories/43342 http://secunia.com/advisories/43368 http://support.apple.com/kb/HT4808 http://support. • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0

Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. Google Chrome anterior a v9.0.597.94 no gestiona correctamente los plug-ins, permitiendo a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=69970 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html http://secunia.com/advisories/43342 http://secunia.com/advisories/43368 http://www.debian.org/security/2011/dsa-2166 http://www.securityfocus.com/bid/46262 http://www.srware.net/forum/viewtopic.php?f=18&t=2190 http://www.vupen.com/english/advisories/2011/0408 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef% • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome anterior a v9.0.597.94 no realiza adecuadamente el manejo de los eventos de animación, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto a través de vectores desconocidos que llevan a un "puntero inválido (stale)". • http://code.google.com/p/chromium/issues/detail?id=67234 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://secunia.com/advisories/43342 http://secunia.com/advisories/43368 http://support.apple.com/kb/HT4808 http://support. • CWE-20: Improper Input Validation •