CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 1CVE-2010-3115 – webkit: address bar spoofing with history bug
https://notcve.org/view.php?id=CVE-2010-3115
Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors. Google Chrome anterior a v5.0.375.127 no implementa correctamente la caracteristica de historial, lo que podría permitir a atacantes remotos suplantar la barra de direcciones a través de vectores no especificados • http://code.google.com/p/chromium/issues/detail?id=49964 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44203 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen. •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 1CVE-2010-2901
https://notcve.org/view.php?id=CVE-2010-2901
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. La implementación de renderizado de Google Chrome anterior a v5.0.375.125 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o puede que tener otros impactos no especificados mediante vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=47866 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://secunia.com/advisories/40743 http://www.debian.org/security/2011/dsa-2188 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11997 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2898
https://notcve.org/view.php?id=CVE-2010-2898
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors. Google Chrome anterior a v5.0.375.125 no mitiga de forma adecuada un fallo en una librería de GNU C, tiene un vector de ataque e impacto desconocido. • http://code.google.com/p/chromium/issues/detail?id=48733 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html http://secunia.com/advisories/40743 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12104 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2903
https://notcve.org/view.php?id=CVE-2010-2903
Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, which has unspecified impact and remote attack vectors. Google Chrome anterior a v5.0.375.125 realiza un truncamiento no esperado y elidiendo de una manera no adecuada los nombres de host, lo que causa un impacto desconocido a través de vectores no especificados. • http://code.google.com/p/chromium/issues/detail?id=48597 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html http://secunia.com/advisories/40743 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11920 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2900
https://notcve.org/view.php?id=CVE-2010-2900
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors. ChromeGoogle Chrome anterior a v5.0.375.125 no maneja adecuadamente lienzos (canvas) de gran tamaño, lo que tiene un impacto y vectores de ataque no especificados. • http://code.google.com/p/chromium/issues/detail?id=43813 http://googlechromereleases.blogspot.com/2010/07/stable-channel-update_26.html http://secunia.com/advisories/40743 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11818 •