CVSS: 10.0EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1505
https://notcve.org/view.php?id=CVE-2010-1505
Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors. Google Chrome anterior a v4.1.249.1059 no previene que las páginas se carguen con los privilegios de las páginas de Pestaña Nueva -New Tab-. Esto tiene un impacto y vectores de ataque desconocidos. • http://bugs.chromium.org/40575 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://osvdb.org/63997 http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11866 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1503
https://notcve.org/view.php?id=CVE-2010-1503
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://net-internals URI. Vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en Google Chrome antes de v4.1.249.1059 permite a atacantes remotos inyectar HTML o secuencias de comandos web a través de vectores relacionados con una URI chrome://net-internals. • http://bugs.chromium.org/40137 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://osvdb.org/63999 http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 http://www.securityfocus.com/bid/39667 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11244 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1504
https://notcve.org/view.php?id=CVE-2010-1504
Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to inject arbitrary web script or HTML via vectors related to a chrome://downloads URI. Vulnerabilidad de ejecución de comandos en sitios cruzados(XSS) en Google Chrome antes de v4.1.249.1059 permite a atacantes remotos inyectar HTML o secuencias de comandos web a través de vectores relacionados con una URI chrome://downloads. • http://bugs.chromium.org/40138 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://osvdb.org/63998 http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 http://www.securityfocus.com/bid/39669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11418 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1506
https://notcve.org/view.php?id=CVE-2010-1506
The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of service (memory corruption) via unknown vectors. Los enlaces de Google V8 en Google Chrome antes de la versión v4.1.249.1059 permiten a atacantes provocar una denegación de servicio (mediante corrupción de memoria) a través de vectores desconocidos. • http://bugs.chromium.org/40635 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://osvdb.org/63996 http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11925 •
CVSS: 9.3EPSS: 0%CPEs: 235EXPL: 0CVE-2010-1502
https://notcve.org/view.php?id=CVE-2010-1502
Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access local files via vectors related to "developer tools." Vulnerabilidad no especificada en Google Chrome anterior v.4.1.249.1059 permite a atacantes remotos aceder a archivos locales a través de vectores reacionados con las "herramientas de desarrollo". • http://bugs.chromium.org/40136 http://googlechromereleases.blogspot.com/2010/04/stable-update-security-fixes.html http://secunia.com/advisories/39544 http://www.securityfocus.com/bid/39603 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12041 •