FreeBSD : chromium -- multiple vulnerabilities (99aef698-66ed-11e1-8288-00262d5ed8ee)

Google Chrome Releases reports : 105867 High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. 108037 High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. 108406 115471 High CVE-2011-3033: Buffer overflow in the Skia drawing library...

CVE-2011-3043

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox aka flexible box in conjunction with the floating of elements...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements...

CVE-2011-3035

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements...

CVE-2011-3043

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox aka flexible box in conjunction with the floating of elements...

CVE-2011-3035

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements...

CVE-2011-3044

CVE-2011-3044 affects Google Chrome prior to 17.0.963.65. The vulnerability is a use-after-free in SVG animation elements, allowing remote attackers to trigger a denial of service (and potentially other impacts) via SVG animation vectors. Mitigation provided in the Chrome update to version 17.0.9...

CVE-2011-3044

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animation elements...

CVE-2011-3043

Removed by vendor...

CVE-2011-3035

Removed by vendor...

CVE-2011-3043

CVE-2011-3043 is a use-after-free vulnerability in Chrome’s handling of flexbox with floats. OpenSUSE OpenVAS/NASL data references this CVE as part of the Chromium v8 security fixes in openSUSE-SU-2012:0374-1, with the patch described as updating Chromium to 19.0.1066 (and related fixes). The vul...

CVE-2011-3035

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements...

Google Chrome < 17.0.963.65 Multiple Vulnerabilities

Binary data 800899.prm...

CVE-2011-3043

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a flexbox aka flexible box in conjunction with the floating of elements...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 105867 High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. 108037 High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. 108406 115471 High CVE-2011-3033: Buffer overflow in the Skia drawing library. Cred...

CVE-2012-1099 rubygem-actionpack: XSS in the "select" helper

Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...

Mozilla Firefox 8.0 Multiple Vulnerabilities

Binary data 801379.prm...

CVE-2011-3658

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service out-of-bounds memory access or possibly have unspecified other impact via vectors involving...

Firefox < 9.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 9.0 and thus, is potentially affected by the following security issues : - An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler...