National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:google:chrome:21.0.1180.61
There are 1,228 matching records.
Displaying matches 1221 through 1228.
Vuln ID Summary CVSS Severity
CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/pattern.c and (2) the xsltGenerateIdFunction function in libxslt/functions.c.

Published: August 31, 2012; 03:55:01 PM -04:00
V2: 4.3 MEDIUM
CVE-2012-2869

Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale buffer."

Published: August 31, 2012; 03:55:01 PM -04:00
V2: 7.5 HIGH
CVE-2012-2868

Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between worker processes and an XMLHttpRequest (aka XHR) object.

Published: August 31, 2012; 03:55:00 PM -04:00
V2: 6.8 MEDIUM
CVE-2012-2867

The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Published: August 31, 2012; 03:55:00 PM -04:00
V2: 5.0 MEDIUM
CVE-2012-2866

Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.

Published: August 31, 2012; 03:55:00 PM -04:00
V2: 7.5 HIGH
CVE-2012-2865

Google Chrome before 21.0.1180.89 does not properly perform line breaking, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.

Published: August 31, 2012; 03:55:00 PM -04:00
V2: 4.3 MEDIUM
CVE-2012-2863

The PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

Published: August 09, 2012; 06:29:47 AM -04:00
V2: 7.5 HIGH
CVE-2012-2862

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.75 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Published: August 09, 2012; 06:29:47 AM -04:00
V2: 6.8 MEDIUM