Vulnerabilities > Google > Chrome > 11.0.652.0

DATE CVE VULNERABILITY TITLE RISK
2011-05-03 CVE-2011-1436 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 on Linux does not properly interact with the X Window System, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
network
low complexity
google linux CWE-20
5.0
2011-05-03 CVE-2011-1435 Incorrect Default Permissions vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension.
network
low complexity
google CWE-276
5.0
2011-05-03 CVE-2011-1434 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not ensure thread safety during handling of MIME data, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
network
low complexity
google CWE-20
6.8
2011-05-03 CVE-2011-1305 Race Condition vulnerability in Google Chrome
Race condition in Google Chrome before 11.0.696.57 on Linux and Mac OS X allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to linked lists and a database.
network
google CWE-362
6.8
2011-05-03 CVE-2011-1304 Unspecified vulnerability in Google Chrome
Unspecified vulnerability in Google Chrome before 11.0.696.57 allows remote attackers to bypass the pop-up blocker via vectors related to plug-ins.
network
low complexity
google
5.0
2011-05-03 CVE-2011-1303 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
network
low complexity
google CWE-20
7.5
2011-04-15 CVE-2011-1691 Null Pointer Dereference vulnerability in Google Chrome
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets (CSS) implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the (1) counterIncrement and (2) counterReset attributes of CSSStyleDeclaration data provided by a getComputedStyle method call, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code.
network
low complexity
apple google CWE-476
5.0
2011-03-20 CVE-2011-1465 Unspecified vulnerability in Google Chrome
The SPDY implementation in net/http/http_network_transaction.cc in Google Chrome before 11.0.696.14 drains the bodies from SPDY responses, which might allow remote SPDY servers to cause a denial of service (application exit) by canceling a stream.
network
low complexity
google
5.0
2011-02-22 CVE-2011-1059 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in WebCore in WebKit before r77705, as used in Google Chrome before 11.0.672.2 and other products, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors that entice a user to resubmit a form, related to improper handling of provisional items by the HistoryController component, aka rdar problem 8938557.
network
apple google CWE-416
4.3