CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2011-0473
https://notcve.org/view.php?id=CVE-2011-0473
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no controlan correctamente las secuencias de tokens CSS (Cascading Style Sheets) en relación con elementos CANVAS, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que llevan a un puntero en estado "stale". • http://code.google.com/p/chromium/issues/detail?id=66560 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70456 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64664 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14460 •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2011-0471
https://notcve.org/view.php?id=CVE-2011-0471
The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. La implementación de iteración de nodos en Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no controla correctamente los punteros, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=65764 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70454 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64662 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13710 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 1CVE-2011-0478
https://notcve.org/view.php?id=CVE-2011-0478
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer." Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no manejan adecuadamente los elementos de uso de SVG, lo que permite provocar a atacantes remotos una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que llevan a un puntero en estado "stale". • http://code.google.com/p/chromium/issues/detail?id=67363 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70461 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14191 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 1CVE-2011-0484
https://notcve.org/view.php?id=CVE-2011-0484
Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." Google Chrome antes de v8.0.552.237 y Chrome OS antes de v8.0.552.344 no realiza correctamente la eliminación de nodos DOM, lo que permite provocar a atacantes remotos una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que dan lugar a un nodo de representación en estado "stale". • http://code.google.com/p/chromium/issues/detail?id=68439 http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html http://osvdb.org/70467 http://secunia.com/advisories/42951 http://www.securityfocus.com/bid/45788 http://www.srware.net/forum/viewtopic.php?f=18&t=2054 https://exchange.xforce.ibmcloud.com/vulnerabilities/64675 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14131 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1CVE-2010-4576
https://notcve.org/view.php?id=CVE-2010-4576
browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. browser/worker_host/message_port_dispatcher.cc en Google Chrome anterior a v8.0.552.224 y Chrome OS anterior a v8.0.552.343 no maneja adecuadamente ciertas llamadas postMessage, lo cual permite a los atacantes remotos causar una denegación de servicio (referencia a puntero NULO y fallo de la aplicación) a través de código JavaScript manipulado. • http://code.google.com/p/chromium/issues/detail?id=63529 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates_13.html http://secunia.com/advisories/42648 http://src.chromium.org/viewvc/chrome?view=rev&revision=66620 http://www.gentoo.org/security/en/glsa/glsa-201012-01.xml http://www.securityfocus.com/bid/45390 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14161 • CWE-476: NULL Pointer Dereference •