Page 649 of 3368 results (0.013 seconds)

CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. Google Chrome anterior a v6.0.472.53 no realiza apropiadamente el manejo del foco, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otros impactos sin especificar a través de vectores desconocidos. Relacionado con un problema "stale pointer" • http://code.google.com/p/chromium/issues/detail?id=52443 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia&# • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v5.0.375.127 no implementa correctamente la característica de notificaciones, lo que podría permitir a atacantes remotos provocar una denegación de servicios (fallo de la aplicación) y posiblemente tener otro impacto sin especificar mediante vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=50553 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12098 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Google Chrome anterior a v5.0.375.127 no implementa correctamente la característica de Geolocalización, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente pueda tener otros impactos no especificados a través de vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=51670 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11865 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController. Google Chrome anterior a v5.0.375.127 no maneja correctamente los documentos SVG, lo que podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tenga otros impactos sin especificar a través de vectores desconocidos • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032 http://code.google.com/p/chromium/issues/detail?id=49596 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63865 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44199 http://www.u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/. La implementación de edición de texto en Google Chrome anterior a v5.0.375.127 no realiza conversiones de forma correcta, lo que podría tener impacto y vectores de ataque no especificados. • http://code.google.com/p/chromium/issues/detail?id=49628 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63773 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44201 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/ •