CVSS: 7.6EPSS: 0%CPEs: 59EXPL: 0CVE-2011-2831
https://notcve.org/view.php?id=CVE-2011-2831
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. WebKit, como el usado en iTunes de Apple anterior a v10.5, permite que atacantes de man-in-the-middle ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 59EXPL: 0CVE-2011-2811
https://notcve.org/view.php?id=CVE-2011-2811
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 59EXPL: 0CVE-2011-2816
https://notcve.org/view.php?id=CVE-2011-2816
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. WebKit, como el usado en iTunes de Apple anterior a v10.5, permite que atacantes de man-in-the-middle ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 7%CPEs: 59EXPL: 0CVE-2011-3233
https://notcve.org/view.php?id=CVE-2011-3233
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. WebKit, tal como se usa en Apple iTunes en versiones anteriores a 10.5, permite a atacantes "man-in-the-middle" ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la ... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 59EXPL: 0CVE-2011-2356
https://notcve.org/view.php?id=CVE-2011-2356
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. WebKit, tal como se usa en Apple iTunes en versiones anteriores a 10.5, permite a atacantes "man-in-the-middle" ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la ... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 7%CPEs: 59EXPL: 0CVE-2011-3239
https://notcve.org/view.php?id=CVE-2011-3239
12 Oct 2011 — WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1. WebKit, como el usado en iTunes de Apple anterior a v10.5, permite que a atacantes man-in-the-middle ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de aplicación) a ... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 76EXPL: 0CVE-2011-3219 – Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3219
12 Oct 2011 — Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding. Desbordamiento de buffer en CoreMedia, tal como se usa en Apple iTunes en versiones anteriores a 10.5, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de un fichero multimedia codificado con H.264. This vulnerability allo... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 12%CPEs: 76EXPL: 0CVE-2011-3252 – Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3252
12 Oct 2011 — Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream. Desbordamiento de búfer en CoreAudio, como el que se utiliza en iTunes de Apple anterior a v10.5, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de aplicación) a través de un envío de datos manipulado Advanced Audio Coding (AAC). This vulnerabil... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2011-2877
https://notcve.org/view.php?id=CVE-2011-2877
04 Oct 2011 — Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font." Google Chrome antes de v14.0.835.202 no controla correctamente el texto SVG, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores desconocidos que conducen a una fuente de letra bloqueada. • http://code.google.com/p/chromium/issues/detail?id=95072 •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0CVE-2011-2855
https://notcve.org/view.php?id=CVE-2011-2855
17 Sep 2011 — Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node." Google Chrome antes de la v14.0.835.163 no controla correctamente secuencias de señal Cascading Style Sheets (CSS), lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener un impacto no especificado a través de vectores des... • http://code.google.com/p/chromium/issues/detail?id=92959 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •