CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2010-4201
https://notcve.org/view.php?id=CVE-2010-4201
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections. Una vulnerabilidad de uso después de liberación en Google Chrome antes de su v7.0.517.44 permite a atacantes remotos causar una denegación de servicio o probablemente tener algún otro impacto no especificado a través de vectores relacionados con selecciones de control de texto. • http://code.google.com/p/chromium/issues/detail?id=58741 http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html http://secunia.com/advisories/42109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12137 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2010-4040
https://notcve.org/view.php?id=CVE-2010-4040
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image. Google Chrome anterior v7.0.517.41 no maneja adecuadamente imágenes GIF animadas, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente provocar otros impactos sin especificar a través de una imagen manipulada. • http://code.google.com/p/chromium/issues/detail?id=54500 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41888 http://secunia.com/advisories/43068 http://www.debian.org/security/2011/dsa-2188 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 http:/ • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2010-4041
https://notcve.org/view.php?id=CVE-2010-4041
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors. El sandbox implementado en Google Chrome anterior a v7.0.517.41 en Linux no limita adecuadamente los procesos de trabajo, lo que podría permitir a atacantes remotos evitar las restricciones de acceso a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=54794 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14201 •
CVSS: 6.8EPSS: 1%CPEs: 179EXPL: 0CVE-2010-4036
https://notcve.org/view.php?id=CVE-2010-4036
Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remote attackers to spoof URLs via unspecified vectors. Google Chrome anterior a v7.0.517.41 no controla adecuadamente la actualización de una página, permite a atacantes remotos falsificar URLs a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=51680 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7627 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2010-4042
https://notcve.org/view.php?id=CVE-2010-4042
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements." Google Chrome anterior a v7.0.517.41 no controla correctamente los mapas de elemento, lo cual permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro impacto no especificado a través de vectores relacionados con "elementos obsoletos." • http://code.google.com/p/chromium/issues/detail?id=56451 http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://secunia.com/advisories/41888 http://www.securityfocus.com/bid/44241 http://www.vupen.com/english/advisories/2010/2731 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6654 • CWE-20: Improper Input Validation •