CVE-2010-4040
https://notcve.org/view.php?id=CVE-2010-4040
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image. Google Chrome anterior v7.0.517.41 no maneja adecuadamente imágenes GIF animadas, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente provocar otros impactos sin especificar a través de una imagen manipulada. • http://code.google.com/p/chromium/issues/detail?id=54500 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41888 http://secunia.com/advisories/43068 http://www.debian.org/security/2011/dsa-2188 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 http:/ • CWE-20: Improper Input Validation •
CVE-2010-4041
https://notcve.org/view.php?id=CVE-2010-4041
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. El sandbox implementado en Google Chrome anterior a v7.0.517.41 en Linux no limita adecuadamente los procesos de trabajo, lo que podría permitir a atacantes remotos evitar las restricciones de acceso a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=54794 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201 •
CVE-2010-4036
https://notcve.org/view.php?id=CVE-2010-4036
Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors. Google Chrome anterior a v7.0.517.41 no controla adecuadamente la actualización de una página, permite a atacantes remotos falsificar URLs a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=51680 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7627 • CWE-20: Improper Input Validation •
CVE-2010-4033
https://notcve.org/view.php?id=CVE-2010-4033
Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors. Google Chrome anterior a v.7.0.517.41 no implementa adecuadamente la función autofill y autocompletado, permite que atacantes remotos dirijan un ataque "profile spamming" a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=48225 http://code.google.com/p/chromium/issues/detail?id=51727 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7159 •
CVE-2010-4042
https://notcve.org/view.php?id=CVE-2010-4042
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." Google Chrome anterior a v7.0.517.41 no controla correctamente los mapas de elemento, lo cual permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con "elementos obsoletos." • http://code.google.com/p/chromium/issues/detail?id=56451 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6654 • CWE-20: Improper Input Validation •