CVSS: 9.3EPSS: 6%CPEs: 2EXPL: 0CVE-2012-0592 – WebKit.org Webkit Array.Splice Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0592
08 Mar 2012 — WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. WebKit, tal y como se usa en Apple iTunes antes de v10.6 y Apple iOS antes de v5.1, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de m... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 63EXPL: 0CVE-2012-0634
https://notcve.org/view.php?id=CVE-2012-0634
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y como se usa en iTunes de Apple antes de v10.6, permite ejecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (corrupción de memoria y caída de la aplicación)... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 64EXPL: 0CVE-2012-0636
https://notcve.org/view.php?id=CVE-2012-0636
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y como se usa en iTunes de Apple antes de v10.6, permite jecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) ... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 64EXPL: 0CVE-2012-0637
https://notcve.org/view.php?id=CVE-2012-0637
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y como se usa en iTunes de Apple antes de v10.6, permite jecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) ... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 63EXPL: 0CVE-2012-0638
https://notcve.org/view.php?id=CVE-2012-0638
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y como se usa en iTunes de Apple antes de v10.6, permite jecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (corrupción de memoria y caída de la aplicación) ... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 63EXPL: 0CVE-2012-0639
https://notcve.org/view.php?id=CVE-2012-0639
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y como se usa en iTunes de Apple antes de v10.6, permite ejecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (corrupción de memoria y caída de la aplicación)... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 63EXPL: 0CVE-2012-0648
https://notcve.org/view.php?id=CVE-2012-0648
08 Mar 2012 — WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. WebKit, tal y v como se usa en Apple iTunes antes de v10.6, permite ejecutar código de su elección a atacantes man-in-the-middle o causar una denegación de servicio (por corrupción de memoria y caída de aplicación)... • http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 5EXPL: 0CVE-2011-3037
https://notcve.org/view.php?id=CVE-2011-3037
05 Mar 2012 — Google Chrome before 17.0.963.65 does not properly perform casts of unspecified variables during the splitting of anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. Google Chrome anteriores a v17.0.963.65 no realiza las conversiones entre variables no especificadas durante el troceado de bloques anónimos de forma de forma correcta, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tene... • http://code.google.com/p/chromium/issues/detail?id=113439 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2011-3044
https://notcve.org/view.php?id=CVE-2011-3044
05 Mar 2012 — Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements. Vulnerabilidad de uso después de la liberación en Google Chrome anteriores a v17.0.963.65, permite a atacantes remotos producir una denegación de servicio o posiblemente otros efectos a través de vectores que implican elementos de animación SVG. • http://code.google.com/p/chromium/issues/detail?id=116093 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2011-3036
https://notcve.org/view.php?id=CVE-2011-3036
05 Mar 2012 — Google Chrome before 17.0.963.65 does not properly perform a cast of an unspecified variable during handling of line boxes, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. Google Chrome anteriores a v17.0.963.65 no realiza las conversiones entre variables no especificadas durante el troceado de bloques anónimos de forma de forma correcta, lo que permite a atacantes remotos provocar una denegación de servicio o posiblemente tener otro i... • http://code.google.com/p/chromium/issues/detail?id=113258 • CWE-704: Incorrect Type Conversion or Cast •