Page 640 of 3367 results (0.015 seconds)

CVSS: 10.0EPSS: 4%CPEs: 5EXPL: 1

CVE-2010-4203 – libvpx: memory corruption flaw

https://notcve.org/view.php?id=CVE-2010-4203

WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames. WebM libvpx (también se conoce como el SDK VP8 Codec) anterior a versión 0.9.5, tal y como es usado en Google Chrome anterior a versión 7.0.517.44, permite a los atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código arbitrario por medio de tramas no validas. • http://code.google.com/p/chromium/issues/detail?id=60055 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=blob%3Bf=CHANGELOG http://review.webmproject.org/gitweb?p=libvpx.git%3Ba=commit%3Bh=09bcc1f710ea65dc158639479288fb1908ff0c53 http://secunia.com/advisories/42109 http://secunia.com/advisories/42118 http://secunia.com/advisories/42690 http://secunia.com/advisories/42908 http://security.gentoo.org/glsa/glsa-201101-03. • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0

CVE-2010-4198 – WebKit: Memory corruption due to improper handling of large text area

https://notcve.org/view.php?id=CVE-2010-4198

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document. Google Chrome antes de su versión v7.0.517.44 no maneja correctamente areas de texto demasiado grandes, lo que permite a atacantes remotos causar una denegación de servicio (por corrupción de memoria) o incluso posiblemente tener algún otro impacto no especificado a travñes de un documento HTML debidamente modificado. • http://code.google.com/p/chromium/issues/detail?id=55257 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45719 http://www.vupen.com/english/advisories/2011& • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2

CVE-2010-4205

https://notcve.org/view.php?id=CVE-2010-4205

Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes de su versión v7.0.517.44 no maneja correctamente los tipos de datos de objetos de eventos, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60327 http://code.google.com/p/chromium/issues/detail?id=60769 http://code.google.com/p/chromium/issues/detail?id=61255 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://secunia.com/advisories/42109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11537 •

CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1

CVE-2010-4204 – WebKit: Use-after-free vulnerability related frame object

https://notcve.org/view.php?id=CVE-2010-4204

WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Google Chrome antes de su v7.0.517.44 accede a un objeto 'frame' después de que este objeto ha sido destruido, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=60238 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html http://secunia.com/advisories/42109 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/70517 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/45718 http • CWE-416: Use After Free •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2010-4201

https://notcve.org/view.php?id=CVE-2010-4201

Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections. Una vulnerabilidad de uso después de liberación en Google Chrome antes de su v7.0.517.44 permite a atacantes remotos causar una denegación de servicio o probablemente tener algún otro impacto no especificado a través de vectores relacionados con selecciones de control de texto. • http://code.google.com/p/chromium/issues/detail?id=58741 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://secunia.com/advisories/42109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12137 • CWE-416: Use After Free •