Vulnerabilities > Google > Chrome > 15.0.874.101

DATE CVE VULNERABILITY TITLE RISK
2012-05-16 CVE-2011-3084 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 19.0.1084.46 does not use a dedicated process for the loading of links found on an internal page, which might allow attackers to bypass intended sandbox restrictions via a crafted page.
network
low complexity
google CWE-264
7.5
2012-05-16 CVE-2011-3083 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page.
network
low complexity
google CWE-119
5.0
2012-05-01 CVE-2012-1521 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the XML parser in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
network
google apple CWE-416
6.8
2012-05-01 CVE-2011-3081 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.
network
google apple CWE-416
critical
9.3
2012-05-01 CVE-2011-3080 Race Condition vulnerability in Google Chrome
Race condition in the Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168 allows attackers to bypass intended sandbox restrictions via unspecified vectors.
network
high complexity
google CWE-362
7.6
2012-05-01 CVE-2011-3079 Resource Management Errors vulnerability in multiple products
The Inter-process Communication (IPC) implementation in Google Chrome before 18.0.1025.168, as used in Mozilla Firefox before 38.0 and other products, does not properly validate messages, which has unspecified impact and attack vectors.
network
low complexity
opensuse google mozilla CWE-399
critical
10.0
2012-05-01 CVE-2011-3078 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.
network
google apple CWE-416
6.8
2012-04-06 CVE-2012-0725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.
network
adobe google CWE-119
critical
9.3
2012-04-06 CVE-2012-0724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.
network
adobe google CWE-119
critical
9.3
2012-04-05 CVE-2011-3077 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue.
network
google CWE-416
6.8