CVE-2012-2881

Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service DOM tree corruption or possibly have unspecified other impact via unknown vectors...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling...

Memory corruption

Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service DOM tree corruption or possibly have unspecified other impact via unknown vectors...

CVE-2012-2880

Race condition in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the plug-in paint buffer...

CVE-2012-2880

CVE-2012-2880 corresponds to a Chrome/Chromium race condition in the plug-in paint buffer that could lead to DoS or other impact. Connected sources confirm Chromium/Chrome were updated to a fixed version; Gentoo GLSA-201210-07 specifies upgrading to Chromium 22.0.1229.94 or newer, and openSUSE/Op...

CVE-2012-2878

Removed by vendor...

CVE-2012-2881

Google Chrome before 22.0.1229.79 does not properly handle plug-ins, which allows remote attackers to cause a denial of service DOM tree corruption or possibly have unspecified other impact via unknown vectors...

CVE-2012-2881

Technical details (affected product/component/version, root cause, exploit info, or remediation) are not publicly available in the provided connected documents beyond the initial CVE description. Monitor for updates from official advisories.

CVE-2012-2881

Removed by vendor...

CVE-2012-2880

Removed by vendor...

CVE-2012-2878

CVE-2012-2878 is a use-after-free vulnerability in Google Chrome's plug-in handling, allowing a remote attacker to cause a denial of service and possibly other impact. Public fixes progressed with Chromium updates: openSUSE/SUSE advisories show Chromium upgraded beyond 22.0.1229.94 (e.g., 24.0.12...

CVE-2012-2878

Use-after-free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to plug-in handling...

Citrix Online Plug-in Installed

Citrix Online-plugin, formerly ICA Client, a client application for accessing remote documents and virtual desktops, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62308; scriptversion"1.9";...

Citrix Receiver / Online Plug-in Remote Code Execution (CTX134681)

Citrix Receiver prior to 3.3 or Citrix Online Plug-in prior to 12.3 is installed on the remote Windows host. As such, the install is potentially affected by an unspecified code execution vulnerability. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 143439 High CVE-2012-2889: UXSS in frame handling. Credit to Sergey Glazunov. 143437 High CVE-2012-2886: UXSS in v8 bindings. Credit to Sergey Glazunov. 139814 High CVE-2012-2881: DOM tree corruption with plug-ins. Credit to Chamal de Silva. 135432 High...

CVE-2012-5006

CVE-2012-5006 affects Caminova DjVu Browser Plug-in, specifically the npdjvu.dll component. A heap-based buffer overflow in the plug-in allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a DJVU file. Affected versions include 6.1.4 Build 27351 and earlier than 6.1.4.279...

KLA10138 ACE vulnerability in DjVu Browser Plug-in

A buffer overflow was found in the DjVu Browser Plug-in. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed djvu file. Original advisories Changelog Related products DjVu-Browser-Plug-In CVE list...

BlackHole Exploit Kit 2.0 released with more latest Exploits

According to release announcement on Pastebin by unknown developers in a Russian-language BlackHole Exploit Kit 2.0 released with more latest Exploits. BlackHole is one of the most dominant exploit toolkits currently available in the underground market. It enables attackers to exploit security...

CVE-2012-4759

Untrusted search path vulnerability in facebookplugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these...

CVE-2012-4759

Untrusted search path vulnerability in facebookplugin.fpi in the Facebook plug-in in Foxit Reader 5.3.1.0606 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these...