Apple: >> Iphone Os >> 1.1.4 Security Vulnerabilities
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.
CVSS Score
6.8
EPSS Score
0.014
Published
2012-04-05
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.008
Published
2012-03-30
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.024
Published
2012-03-30
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.016
Published
2012-03-30
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
CVSS Score
7.5
EPSS Score
0.039
Published
2012-03-30
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
CVSS Score
6.8
EPSS Score
0.056
Published
2012-03-22
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
CVSS Score
6.8
EPSS Score
0.044
Published
2012-03-22
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
CVSS Score
6.8
EPSS Score
0.009
Published
2012-03-22
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
CVSS Score
10.0
EPSS Score
0.032
Published
2012-03-09
CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
CVSS Score
5.0
EPSS Score
0.006
Published
2012-03-08