[Winvulns-announcements] BES Auto Notification: New Fixlets Published in Fixlet Site: 'Vulnerabilities to Windows Systems'

Wed Sep 1 05:20:22 PDT 2010

Fixlet Site - 'Vulnerabilities to Windows Systems'
Current Version: 217	Published: Tue, 31 Aug 2010 18:18:30  GMT

New Fixlets:
============

***************************************************************
Title: Denial of service vulnerability in Google Chrome before 5.0.375.99
Severity: Medium
Fixlet ID: 1111801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11118.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2652
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to cause a denial of service (application crash) via unspecified vectors.

***************************************************************
Title: Vulnerability in file dialogs implementation in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1127501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11275.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3112
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1135701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11357.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2300
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784.  NOTE: this might overlap CVE-2010-1759.

***************************************************************
Title: Vulnerability in rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1143401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11434.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2297
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table.

***************************************************************
Title: Unspecified vulnerability in Google Chrome before 5.0.375.99 related to an annoyance with print dialogs
Severity: High
Fixlet ID: 1143801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11438.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2650
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs."

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1152101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11521.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2875
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1152201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11522.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2863
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Shockwave Player Multiple Denial of Service Issues
Severity: High
Fixlet ID: 1154001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11540.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2868
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1155401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11554.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2870
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in text-editing implementation in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1157701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11577.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3114
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The text-editing implementation in Google Chrome before 5.0.375.127 does not properly perform casts, which has unspecified impact and attack vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1161401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11614.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2881
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in  page/Geolocation.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1166101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11661.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2303
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: page/Geolocation.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not stop timers associated with geolocation upon deletion of a document, which has unspecified impact and remote attack vectors.

***************************************************************
Title: Adobe Shockwave Player Denial of Service Issue
Severity: Medium
Fixlet ID: 1172501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11725.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2865
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1180501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11805.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2876
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in large canvas handling in Google Chrome before 5.0.375.125
Severity: High
Fixlet ID: 1181801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11818.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2900
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors.

***************************************************************
Title: Vulnerability in toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1183001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11830.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2304
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to list markers, aka rdar problem 8009118.

***************************************************************
Title: Vulnerability in autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127
Severity: Medium
Fixlet ID: 1183901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11839.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3118
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not anticipate entry of passwords, which might allow remote attackers to obtain sensitive information by reading the network traffic generated by this feature.

***************************************************************
Title: Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: Medium
Fixlet ID: 1186101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11861.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2301
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element.  NOTE: this might overlap CVE-2010-1762.

***************************************************************
Title: Vulnerability in Geolocation feature in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1186501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11865.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3120
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1188301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11883.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2878
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Denial of service Vulnerability in Google Chrome before 5.0.375.99 related to SVG document
Severity: High
Fixlet ID: 1188401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11884.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2647
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1188901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11889.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2872
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel
Severity: High
Fixlet ID: 1189001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11890.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2897
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1189501
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11895.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2877
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in SVG implementation in Google Chrome before 5.0.375.125
Severity: High
Fixlet ID: 1189601
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11896.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2902
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Vulnerability in implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99
Severity: High
Fixlet ID: 1190001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11900.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2648
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Vulnerability in handling of SVG documents in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1190101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11901.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3113
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly handle SVG documents, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Vulnerability while processing MIME types in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1190901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11909.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3116
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly process MIME types, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1191301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11913.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2864
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Google Chrome before 5.0.375.127 does not properly mitigate an unspecified flaw in the Windows kernel
Severity: High
Fixlet ID: 1191801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11918.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3111
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors, a different vulnerability than CVE-2010-2897.

***************************************************************
Title: Unexpected truncation and improper eliding of hostnames in Google Chrome before 5.0.375.125
Severity: High
Fixlet ID: 1192001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11920.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2903
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, which has unspecified impact and remote attack vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1193201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11932.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2866
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1194801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11948.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2302
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953.  NOTE: this might overlap CVE-2010-1771.

***************************************************************
Title: Vulnerability in history feature implementation in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1195301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11953.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3115
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly implement the history feature, which might allow remote attackers to spoof the address bar via unspecified vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1197001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11970.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2871
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Unspecified vulnerability in Google Chrome before 5.0.375.99 related to an invalid image.
Severity: Medium
Fixlet ID: 1197401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11974.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2649
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (application crash) via an invalid image.

***************************************************************
Title: Unspecified Vulnerability in solate sandboxed IFRAME elements in Google Chrome before 5.0.375.99
Severity: High
Fixlet ID: 1198101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11981.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2646
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1198301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11983.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2869
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in rendering implementation in Google Chrome before 5.0.375.125
Severity: High
Fixlet ID: 1199701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11997.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2901
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Adobe Shockwave Player Integer Overflow Vulnerability
Severity: High
Fixlet ID: 1199801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval11998.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2879
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70
Severity: Medium
Fixlet ID: 1200301
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12003.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2295
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610.  NOTE: this might overlap CVE-2010-1422.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1201201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12012.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2880
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Adobe Shockwave Player Pointer Offset Vulnerability
Severity: High
Fixlet ID: 1202101
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12021.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2867
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99
Severity: High
Fixlet ID: 1202801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12028.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2651
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1204201
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12042.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2873
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125
Severity: Medium
Fixlet ID: 1204801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12048.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2899
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors.

***************************************************************
Title: Adobe Shockwave Player Memory Corruption Vulnerability
Severity: High
Fixlet ID: 1206901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12069.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2882
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided.

***************************************************************
Title: Vulnerability in the implementation of unspecified DOM methods in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1208001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12080.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2296
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors.

***************************************************************
Title: Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used
Severity: Medium
Fixlet ID: 1209001
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12090.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2645
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a denial of service (out-of-bounds read) via unknown vectors.

***************************************************************
Title: Vulnerability in notifications feature in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1209801
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12098.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3117
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors.

***************************************************************
Title: Vulnerability in Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70
Severity: High
Fixlet ID: 1209901
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12099.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2299
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375.70 does not properly handle CBF_SMBITMAP objects in a ViewHostMsg_ClipboardWriteObjectsAsync message, which might allow remote attackers to execute arbitrary code via vectors involving crafted data from the renderer process, related to a "Type Confusion" issue.

***************************************************************
Title: Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library
Severity: High
Fixlet ID: 1210401
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12104.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2898
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.

***************************************************************
Title: Vulnerability in Ruby language support in Google Chrome before 5.0.375.127
Severity: High
Fixlet ID: 1210701
Fixlet Link: http://oval.mitre.org/oval/definitions/data/oval12107.html
Fixlet Link: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3119
Fixlet Link: http://nvd.nist.gov/cvss.cfm?vectorinfo

Fixlet Description: Google Chrome before 5.0.375.127 does not properly support the Ruby language, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.