Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:google:chrome:9.0.597.58
There are 2,018 matching records.
Displaying matches 2,001 through 2,018.
Vuln ID Summary CVSS Severity
CVE-2011-0985

Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0984

Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-0983

Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0982

Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces.

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-0981

Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: February 10, 2011; 2:00:02 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0784

Race condition in Google Chrome before 9.0.597.84 allows remote attackers to execute arbitrary code via vectors related to audio.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0783

Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting."

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2011-0782

Google Chrome before 9.0.597.84 on Mac OS X does not properly mitigate an unspecified flaw in the Mac OS X 10.5 SSL libraries, which allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-0781

Google Chrome before 9.0.597.84 does not properly handle autofill profile merging, which has unspecified impact and remote attack vectors.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0780

The PDF event handler in Google Chrome before 9.0.597.84 does not properly interact with print operations, which allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2011-0779

Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a denial of service (application crash) via a crafted extension.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2011-0778

Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0777

Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2011-0776

The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat system call.

Published: February 04, 2011; 1:00:03 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2179

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.

Published: June 15, 2010; 2:00:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-1731

Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.

Published: May 06, 2010; 10:53:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-1598

Google Chrome executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content."

Published: May 11, 2009; 11:30:00 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2008-5915

An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Published: January 20, 2009; 11:30:00 AM -0500
V3.x:(not available)
V2.0: 2.1 LOW