Page 9 of 47 results (0.013 seconds)

CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0

Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Chrome de Google anterior a versión 6.0.472.53 y webkitgtk anterior a versión 1.2.6, no maneja apropiadamente los nodos contadores, lo que permite a los atacantes remotos causar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto no especificado por medio de vectores desconocidos. • http://code.google.com/p/chromium/issues/detail?id=51653 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://secunia.com/advisories/43086 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.vupen.com/english/advisories/2011/0216 http://www.vupen.com/english/advisories/2011/0552 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11736&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving element focus. Google Chrome anterior a v6.0.472.53 no realiza apropiadamente el manejo del foco, lo que permite a atacantes remotos causar una denegación de servicio o posiblemente tener otros impactos sin especificar a través de vectores desconocidos. Relacionado con un problema "stale pointer" • http://code.google.com/p/chromium/issues/detail?id=52443 http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 http://secunia.com/advisories/43068 http://secunia&# • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors related to state changes when using DeleteButtonController. Google Chrome anterior a v5.0.375.127 no maneja correctamente los documentos SVG, lo que podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tenga otros impactos sin especificar a través de vectores desconocidos • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=628032 http://code.google.com/p/chromium/issues/detail?id=49596 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63865 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44199 http://www.u • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0

The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not check a node type before performing a cast, which has unspecified impact and attack vectors related to (1) DeleteSelectionCommand.cpp, (2) InsertLineBreakCommand.cpp, or (3) InsertParagraphSeparatorCommand.cpp in WebCore/editing/. La implementación de edición de texto en Google Chrome anterior a v5.0.375.127 no realiza conversiones de forma correcta, lo que podría tener impacto y vectores de ataque no especificados. • http://code.google.com/p/chromium/issues/detail?id=49628 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://secunia.com/advisories/41856 http://secunia.com/advisories/43086 http://trac.webkit.org/changeset/63773 http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 http://www.redhat.com/support/errata/RHSA-2011-0177.html http://www.securityfocus.com/bid/44201 http://www.ubuntu.com/usn/USN-1006-1 http://www.vupen.com/english/ •

CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0

Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper handling of MIME types by plug-ins. Google Chrome anterior a v5.0.375.127 no procesa correctamente los tipos MIME, lo que podría permitir a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o posiblemente tener otro impacto mediante vectores desconocidos • http://code.google.com/p/chromium/issues/detail?id=50515 http://code.google.com/p/chromium/issues/detail?id=51835 http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00002.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://secunia.com/advisories/41856 http://secunia.com/advisories/42314 • CWE-416: Use After Free •