CVSS: 4.3EPSS: 0%CPEs: 252EXPL: 0CVE-2010-1851
https://notcve.org/view.php?id=CVE-2010-1851
Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" issue. Google Chrome, cuando la extendión Invisible Hand está activada, usa cookies durante las respuestas HTTP en segundo plano de una forma posiblemente no espetada, lo que podría permitir a servidores Web remotos identificar a personas específicas y sus búsquedas de productos a través de un login para peticiones HTTP, relativo a una característica de "fuga de dato cruzados" (cross-site data leakage) • http://www.cnet.com/8301-31361_1-20004265-254.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11757 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 108EXPL: 0CVE-2010-1665
https://notcve.org/view.php?id=CVE-2010-1665
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. Google Chrome anteriores a v4.1.249.1064 no gestiona de forma adecuada las fuentes, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente tener otros impactos no especificados a través de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=42294 http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html http://secunia.com/advisories/39651 http://secunia.com/advisories/41856 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/1016 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0552 https:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 2%CPEs: 240EXPL: 0CVE-2010-1664
https://notcve.org/view.php?id=CVE-2010-1664
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. Google Chrome antes de la versión v4.1.249.1064 no controla correctamente los contenidos multimedia HTML5, lo que permite a atacantes remotos provocar una denegación de servicio (mediante corrupción de memoria) y tener un impacto no especificado a través de vectores desconocidos. • http://bugs.chromium.org/40487 http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html http://secunia.com/advisories/39651 http://secunia.com/advisories/41856 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/advisories/2010/1016 http://www.vupen.com/english/advisories/2010/2722 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/reposi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 43%CPEs: 108EXPL: 2CVE-2010-1663 – Google Chrome 4.1.249.1059 - Cross Origin Bypass in Google URL (GURL)
https://notcve.org/view.php?id=CVE-2010-1663
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. La Biblioteca de parseado de URLs de Google (también conocido como google-url o GURL) en Google Chrome antes de la versión v4.1.249.1064 permite a atacantes remotos saltarse la política "Same-Origin Policy" a través de vectores no especificados. Google Chrome version 4.1.249.1059 suffers from a cross origin bypass vulnerability in Google URL (GURL). • https://www.exploit-db.com/exploits/12657 http://bugs.chromium.org/40445 http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html http://secunia.com/advisories/39651 http://www.vupen.com/english/advisories/2010/1016 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6813 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1500
https://notcve.org/view.php?id=CVE-2010-1500
Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and attack vectors, related to a "type confusion error." Google Chrome anterior a v4.1.249.1059 no soporta adecuadamente los formularios, esto tiene un impacto y vectores de ataque desconocidos. Está relacionado con un "error de confusión de tipo". • http://bugs.chromium.org/39443 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11906 •