CVE-2011-3047

The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...

Memory corruption

The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption by leveraging an error in the plug-in loading mechanism...

CVE-2011-3047

Removed by vendor...

Java Web Start initial heap size command injection

Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...

CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

UBUNTU-CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

CVE-2011-3021

Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading...

CVE-2011-3021

Removed by vendor...

CVE-2011-3021

CVE-2011-3021 affects Google Chrome up to version 17.0.963.56, where a use-after-free in the subframe loading path allows remote attackers to cause a denial of service and potentially other impacts. The issue is triggered via subframe loading vectors and is described as a use-after-free vulnerabi...

Chrome Stable Update

The Chrome Stable channel has been updated to 17.0.963.56 on Windows, Mac, Linux and Chrome Frame. This release fixes a number of stability and security issues in Chrome, and also includes a new version of Flash. More info on the Flash update is available from Adobe. Security fixes and rewards:...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 105803 High CVE-2011-3015: Integer overflows in PDF codecs. Credit to Google Chrome Security Team scarybeasts. 106336 Medium CVE-2011-3016: Read-after-free with counter nodes. Credit to miaubiz. 108695 High CVE-2011-3017: Possible use-after-free in database handlin...

Microsoft Windows Color Control Panel Remote Code Execution Vulnerability (2643719)

This host is missing an important security update according to Microsoft Bulletin MS12-012. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows Indeo Codec Insecure Library Loading (MS12-014; CVE-2010-3138)

A remote code execution vulnerability has been reported in Microsoft Windows...

MS12-012: Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719)

The remote host contains a version of Windows Color Control Panel that is affected by an insecure library loading vulnerability. A remote attacker could exploit this by tricking a user into opening a .camp, .cdmp, .gmmp, .icc, or .icm file in a directory that also contains a malicious 'sti.dll'...

JVN#85695061: ALFTP may insecurely load executable files

ALFTP provided by ESTsoft Corp. is a FTP client software with the built in FTP server. ALFTP contains an issue when loading files. For example, if an user tries to open README a file without extention which exists in the same directory where README.exe a file with .exe extention exists, README.ex...

Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution

The version of Scientific Toolworks Understand installed on the remote Windows host is earlier than 2.6 Build 600. As such, it insecurely looks in its current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. Attackers may exploit this issue by placing a specially...

SciTools Understand 2.6 (wintab32.dll) DLL Loading Arbitrary Code Execution

Summary Understand is a static analysis tool for maintaining, measuring, and analyzing critical or large code bases. Description The vulnerability is caused due to the application loading libraries wintab32.dll in an insecure manner. This can be exploited to load arbitrary libraries by tricking a...