) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:google:chrome:17.0.963.80
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2011-3049 |
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension. Published: March 23, 2012; 6:55:01 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2011-3057 |
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-3056 |
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe." Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3055 |
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-3054 |
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2011-3053 |
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3052 |
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3051 |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3050 |
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2011-3045 |
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. Published: March 22, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |