CVE-2011-3050
- EPSS 2.14%
- Veröffentlicht 22.03.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:31
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-lette...
CVE-2011-3053
- EPSS 1.75%
- Veröffentlicht 22.03.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:31
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
CVE-2011-3056
- EPSS 1.33%
- Veröffentlicht 22.03.2012 16:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:31
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
- EPSS 4.87%
- Veröffentlicht 09.03.2012 00:55:01
- Zuletzt bearbeitet 16.06.2026 23:32:30
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
- EPSS 2.32%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:37:59
CFNetwork in Apple iOS before 5.1 does not properly construct request headers during parsing of URLs, which allows remote attackers to obtain sensitive information via a malformed URL, a different vulnerability than CVE-2011-3447.
CVE-2012-0642
- EPSS 4.52%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:37:59
Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.
CVE-2012-0643
- EPSS 4.93%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:37:59
The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program.
CVE-2012-0644
- EPSS 0.28%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:37:59
Race condition in the Passcode Lock feature in Apple iOS before 5.1 allows physically proximate attackers to bypass intended passcode requirements via a slide-to-dial gesture.
CVE-2012-0645
- EPSS 0.35%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:38:00
Siri in Apple iOS before 5.1 does not properly restrict the ability of Mail.app to handle voice commands, which allows physically proximate attackers to bypass the locked state via a command that forwards an active e-mail message to an arbitrary reci...
CVE-2012-0646
- EPSS 4.89%
- Veröffentlicht 08.03.2012 22:55:04
- Zuletzt bearbeitet 16.06.2026 23:38:00
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.