) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:google:chrome:4.1.249.1063
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2010-1770 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." Published: June 11, 2010; 3:30:20 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2010-2110 |
Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2010-2109 |
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2010-2108 |
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2010-2107 |
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2010-2106 |
Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2010-2105 |
Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors. Published: May 28, 2010; 2:30:01 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2010-1851 |
Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage" issue. Published: May 07, 2010; 2:24:16 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2010-1665 |
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. Published: May 03, 2010; 9:51:53 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2010-1664 |
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. Published: May 03, 2010; 9:51:53 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2010-1663 |
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Published: May 03, 2010; 9:51:53 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |