CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3117
https://notcve.org/view.php?id=CVE-2010-3117
Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v5.0.375.127 no implementa correctamente la característica de notificaciones, lo que podría permitir a atacantes remotos provocar una denegación de servicios (fallo de la aplicación) y posiblemente tener otro impacto sin especificar mediante vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=50553 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12098 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2010-3120
https://notcve.org/view.php?id=CVE-2010-3120
Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v5.0.375.127 no implementa correctamente la característica de Geolocalización, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente pueda tener otros impactos no especificados a través de vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=51670 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11865 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2010-3113 – webkit: memory corruption when handling SVG documents
https://notcve.org/view.php?id=CVE-2010-3113
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController. Google Chrome anterior a v5.0.375.127 no maneja correctamente los documentos SVG, lo que podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tenga otros impactos sin especificar a través de vectores desconocidos • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032 http://code.google.com/p/chromium/issues/detail?id=49596 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63865 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44199 http://www.u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2010-3114 – webkit: bad cast with text editing
https://notcve.org/view.php?id=CVE-2010-3114
The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/. La implementación de edición de texto en Google Chrome anterior a v5.0.375.127 no realiza conversiones de forma correcta, lo que podría tener impacto y vectores de ataque no especificados. • http://code.google.com/p/chromium/issues/detail?id=49628 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63773 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44201 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/ •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2010-3118
https://notcve.org/view.php?id=CVE-2010-3118
The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature. La característica "autosuggest" en la implementación de Omnibox de Google Chrome anterior a v5.0.375.127 no se anticipa a la entrada de contraseñas, lo que podría permitir a atacantes remotos obtener información sensible leyendo el tráfico de red generado por esta característica. • http://code.google.com/p/chromium/issues/detail?id=51146 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11839 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •