Computer Security
[EN] securityvulns.ru no-pyccku


Google Chrome multiple security vulonerabilities
Published:22.02.2011
Source:
SecurityVulns ID:11447
Type:client
Threat Level:
7/10
Description:Memory corruptions, crossite scripting, DoS conditions.
Affected:GOOGLE : Chrome 9.0
CVE:CVE-2011-0985 (Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.)
 CVE-2011-0984 (Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.)
 CVE-2011-0983 (Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer.")
 CVE-2011-0981 (Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer.")
 CVE-2011-0783 (Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting.")
 CVE-2011-0778 (Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.)
 CVE-2011-0777 (Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2166-1] chromium-browser security update (22.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod