Page 631 of 3364 results (0.012 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Google Chrome anterior a v9.0.597.84 no restringe correctamente las operaciones de arrastrar y soltar, lo que podría permitir a atacantes remotos evitar la Same Origin Policy a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=59081 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://secunia.com/advisories/43368 http://www.debian.org/security/2011/dsa-2166 http://www.debian.org/security/2011/dsa-2188 http://www.vupen.com/english/advisories/2011/0408 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14228 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors. El controlador de eventos PDF en Google Chrome anterior a v9.0.597.84 interactúa correctamente con las operaciones de impresión, lo que permite a atacantes remotos asistidos por el usuario provocar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=64051 http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14530 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors. Google Chrome anterior a v9.0.597.84 no controla correctamente el autocompletado de perfiles, lo que tiene un impacto no especificado y vectores de ataque a distancia. • http://googlechromereleases.blogspot.com/2011/02/stable-channel-update.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14413 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 1

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no gestiona debidamente la notificación de extensiones, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=58053 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70453 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64661 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14366 •

CVSS: 9.3EPSS: 13%CPEs: 2EXPL: 0

Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a PDF document. Vulnerabilidad de uso después de liberación en Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de un documento PDF. • http://code.google.com/p/chromium/issues/detail?id=67100 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70458 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64666 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14606 • CWE-416: Use After Free •