National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:google:chrome:11.0.673.0
There are 1,744 matching records.
Displaying matches 1681 through 1700.
Vuln ID Summary CVSS Severity
CVE-2011-2783

Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 6.4 MEDIUM
CVE-2011-2782

The drag-and-drop implementation in Google Chrome before 13.0.782.107 on Linux does not properly enforce permissions for files, which allows user-assisted remote attackers to bypass intended access restrictions via unspecified vectors.

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 4.3 MEDIUM
CVE-2011-2361

The Basic Authentication dialog implementation in Google Chrome before 13.0.782.107 does not properly handle strings, which might make it easier for remote attackers to capture credentials via a crafted web site.

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 4.3 MEDIUM
CVE-2011-2360

Google Chrome before 13.0.782.107 does not ensure that the user is prompted before download of a dangerous file, which makes it easier for remote attackers to bypass intended content restrictions via a crafted web site.

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2359

Google Chrome before 13.0.782.107 does not properly track line boxes during rendering, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2358

Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension.

Published: August 02, 2011; 08:55:01 PM -04:00
    V2: 6.4 MEDIUM
CVE-2011-2351

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG use elements.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2350

The HTML parser in Google Chrome before 12.0.742.112 does not properly address "lifetime and re-entrancy issues," which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2349

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to text selection.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2348

Google V8, as used in Google Chrome before 12.0.742.112, performs an incorrect bounds check, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2347

Google Chrome before 12.0.742.112 does not properly handle Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2346

Use-after-free vulnerability in Google Chrome before 12.0.742.112 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG fonts.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2345

The NPAPI implementation in Google Chrome before 12.0.742.112 does not properly handle strings, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

Published: June 29, 2011; 01:55:04 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-2342

The DOM implementation in Google Chrome before 12.0.742.91 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 7.5 HIGH
CVE-2011-2332

Google V8, as used in Google Chrome before 12.0.742.91, allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 7.5 HIGH
CVE-2011-1819

Google Chrome before 12.0.742.91 allows remote attackers to perform unspecified injection into a chrome:// page via vectors related to extensions.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-1818

Use-after-free vulnerability in the image loader in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 7.5 HIGH
CVE-2011-1817

Google Chrome before 12.0.742.91 does not properly implement history deletion, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-1816

Use-after-free vulnerability in the developer tools in Google Chrome before 12.0.742.91 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 5.0 MEDIUM
CVE-2011-1815

Google Chrome before 12.0.742.91 allows remote attackers to inject script into a tab page via vectors related to extensions.

Published: June 09, 2011; 03:55:02 PM -04:00
    V2: 5.0 MEDIUM