Apple iTunes vulnerabilities

953 known vulnerabilities affecting apple/itunes.

Total CVEs: 953
CISA KEV: 2 (actively exploited)
Public exploits: 77
Exploited in wild: 3
Severity breakdown: CRITICAL 114, HIGH 486, MEDIUM 348, LOW 5

Vulnerabilities

Page 42 of 48
CVE-2011-2831 | HIGH | CVSS 7.6 | ≤ 10.4.1, v4.0.0 +56 more | 2011-10-12
CWE-119: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2877 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-10-04
Google Chrome before 14.0.835.202 does not properly handle SVG text, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale font."
nvd
CVE-2011-2860 | HIGH | CVSS 7.5 | fixed in 10.6 | 2011-09-19
CWE-416: Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to table styles.
nvd
CVE-2011-3234 | MEDIUM | CVSS 5.0 | fixed in 10.5 | 2011-09-19
CWE-125: Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
nvd
CVE-2011-2857 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-09-19
CWE-416: Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the focus controller.
nvd
CVE-2011-2846 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-09-19
CWE-416: Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to unload event handling.
nvd
CVE-2011-2854 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-09-19
CWE-416: Use-after-free vulnerability in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "ruby / table style handing."
nvd
CVE-2011-2855 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-09-19
CWE-74: Google Chrome before 14.0.835.163 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."
nvd
CVE-2011-2847 | MEDIUM | CVSS 6.8 | fixed in 10.6 | 2011-09-19
CWE-416: Use-after-free vulnerability in the document loader in Google Chrome before 14.0.835.163 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
nvd
CVE-2011-2825 | CRITICAL | CVSS 9.3 | fixed in 10.6 | 2011-08-29
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving custom fonts.
nvd
CVE-2011-2823 | HIGH | CVSS 7.5 | fixed in 10.5 | 2011-08-29
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box.
nvd
CVE-2011-2827 | HIGH | CVSS 7.5 | fixed in 10.5 | 2011-08-29
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text searching.
nvd
CVE-2011-2818 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to display box rendering.
nvd
CVE-2011-2799 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to HTML range handling.
nvd
CVE-2011-2792 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float removal.
nvd
CVE-2011-2359 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-20: Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
nvd
CVE-2011-2797 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to resource caching.
nvd
CVE-2011-2788 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-120: Buffer overflow in the inspector serialization functionality in Google Chrome before 13.0.782.107 allows user-assisted remote attackers to have an unspecified impact via unknown vectors.
nvd
CVE-2011-2790 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-08-03
CWE-416: Use-after-free vulnerability in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving floating styles.
nvd
CVE-2011-2351 | MEDIUM | CVSS 6.8 | fixed in 10.5 | 2011-06-29
CWE-416: Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.
nvd