CVE-2010-4487
https://notcve.org/view.php?id=CVE-2010-4487
Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows remote attackers to have an unspecified impact via a "dangerous file." Vulnerabilidad de lista negra incompleta en Google Chrome antes de v8.0.552.215 en Linux y Mac OS X permite a atacantes remotos tener un impacto no especificado a través de un "archivo peligroso." • http://code.google.com/p/chromium/issues/detail?id=59817 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://secunia.com/advisories/42472 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13423 •
CVE-2010-4489
https://notcve.org/view.php?id=CVE-2010-4489
libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. NOTE: this vulnerability exists because of a regression. libvpx, como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y posiblemente otros productos, permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un vídeo WebM manipulado. NOTA: esta vulnerabilidad existe debido a una regresión. • http://code.google.com/p/chromium/issues/detail?id=61653 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://secunia.com/advisories/42472 http://secunia.com/advisories/43728 http://www.ubuntu.com/usn/USN-1087-1 http://www.vupen.com/english/advisories/2011/0662 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11919 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-4494 – libxml2: double-free in XPath processing code
https://notcve.org/view.php?id=CVE-2010-4494
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. Vulnerabilidad de liberación doble en libxml2 2.7.8 y otras versiones, tal como se utiliza en Google Chrome en versiones anteriores a 8.0.552.215 y otros productos, permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con el manejo de XPath. • http://code.google.com/p/chromium/issues/detail?id=63444 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html http://lists.fedoraproject.org/pipermail/package-announce/2011-Ma • CWE-415: Double Free •
CVE-2010-4491
https://notcve.org/view.php?id=CVE-2010-4491
Google Chrome before 8.0.552.215 does not properly restrict privileged extensions, which allows remote attackers to cause a denial of service (memory corruption) via a crafted extension. Google Chrome antes de v8.0.552.215 no restringe correctamente las extensiones privilegiada, lo que permite a atacantes remotos provocar una denegación de servicio (por corrupción de memoria) a través de una extensión específicamente escrita para ello. • http://code.google.com/p/chromium/issues/detail?id=62168 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://secunia.com/advisories/42472 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11991 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2010-4484
https://notcve.org/view.php?id=CVE-2010-4484
Google Chrome before 8.0.552.215 does not properly handle HTML5 databases, which allows attackers to cause a denial of service (application crash) via unspecified vectors. Google Chrome antes de v8.0.552.215 no controla correctamente las bases de datos HTML5, lo que permite a atacantes provocar una denegación de servicio (bloqueo de la aplicación) a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=56237 http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html http://secunia.com/advisories/42472 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12236 •