CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3246
https://notcve.org/view.php?id=CVE-2010-3246
Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute of unspecified elements, which allows remote attackers to bypass the pop-up blocker via unknown vectors. Google Chrome anterior a v6.0.472.53 no maneja apropiadamente el valor "_blank" para el atributo de destino de elementos sin especificar, lo que permite a atacantes remotos evitar el bloqueo de "pop-up" a través de vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=34414 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11752 •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2010-3248
https://notcve.org/view.php?id=CVE-2010-3248
Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspecified impact and attack vectors. Google Chrome anterior a v6.0.472.53 no restringe apropiadamente el copiado al portapapeles, lo que produce un impacto y vectores de ataque sin especificar. • http://code.google.com/p/chromium/issues/detail?id=41654 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://secunia.com/advisories/41856 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.securityfocus.com/bid/44216 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval%3A •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3252
https://notcve.org/view.php?id=CVE-2010-3252
Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. La vulnerabilidad "use-after-free" en el presentador de notificaciones en Google Chrome anterior a v6.0.472.53 permite a atacantes provocar una denegación de servicio o posiblemente tenga otro impacto sin especificar a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=50386 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11987 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3249
https://notcve.org/view.php?id=CVE-2010-3249
Google Chrome before 6.0.472.53 does not properly implement SVG filters, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, related to a "stale pointer" issue. Google Chrome anterior a v6.0.472.53 no implementa apropiadamente los filtros SVG, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tenga otro impacto sin especificar a través de vectores desconocidos. Relacionado con un problema "stale pointer" • http://code.google.com/p/chromium/issues/detail?id=45659 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12211 •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2010-3258
https://notcve.org/view.php?id=CVE-2010-3258
The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors. La implementación de la "sandbox" (caja de arena) en Google Chrome anterior a v6.0.472.53 no deserializa apropiadamente los parámetros. Esto provoca un impacto y unos vectores de ataque sin especificar. • http://code.google.com/p/chromium/issues/detail?id=52682 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12133 • CWE-502: Deserialization of Untrusted Data •