Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2010-11-06 CVE-2010-4205 Unspecified vulnerability in Google Chrome
Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
network
low complexity
google
critical
 9.8
9.8
2010-11-06 CVE-2010-4204 WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
network
low complexity
google webkitgtk fedoraproject
critical
 9.8
9.8
2010-11-06 CVE-2010-4203 Integer Overflow or Wraparound vulnerability in multiple products
WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via invalid frames.
network
low complexity
google webmproject redhat CWE-190
critical
 9.8
9.8
2010-11-06 CVE-2010-4202 Integer Overflow or Wraparound vulnerability in Google Chrome
Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font.
network
low complexity
google CWE-190
critical
 9.8
9.8
2010-11-06 CVE-2010-4201 Use After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text control selections.
network
low complexity
google CWE-416
critical
 9.8
9.8
2010-11-06 CVE-2010-4199 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.
network
low complexity
google debian CWE-20
8.8
8.8
2010-11-06 CVE-2010-4198 Improper Input Validation vulnerability in multiple products
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
network
low complexity
google webkitgtk fedoraproject CWE-20
8.8
8.8
2010-11-06 CVE-2010-4197 Use After Free vulnerability in multiple products
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
network
low complexity
google webkitgtk fedoraproject CWE-416
critical
 9.8
9.8
2010-11-05 CVE-2010-2941 Use After Free vulnerability in multiple products
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
network
low complexity
apple fedoraproject canonical debian opensuse suse redhat CWE-416
critical
 9.8
9.8
2010-10-21 CVE-2010-4042 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."
network
low complexity
google opensuse CWE-20
critical
 9.8
9.8