Vulnerabilities > Google > Chrome > 15.0.874.101

DATE CVE VULNERABILITY TITLE RISK
2012-04-05 CVE-2011-3066 Out-Of-Bounds Read vulnerability in Google Chrome
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google CWE-125
6.8
2012-03-30 CVE-2011-3065 Integer Overflow OR Wraparound vulnerability in Google Chrome
Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
network
google CWE-190
6.8
2012-03-30 CVE-2011-3064 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
network
low complexity
google apple CWE-416
7.5
2012-03-30 CVE-2011-3063 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.
network
google CWE-20
4.3
2012-03-30 CVE-2011-3061 Improper Certificate Validation vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
network
google CWE-295
5.8
2012-03-30 CVE-2011-3060 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-30 CVE-2011-3059 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-30 CVE-2011-3058 Cross-Site Scripting vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
network
google apple CWE-79
4.3
2012-03-23 CVE-2011-3049 Multiple Security vulnerability in Google Chrome
Google Chrome before 17.0.963.83 does not properly restrict the extension web request API, which allows remote attackers to cause a denial of service (disrupted system requests) via a crafted extension.
network
low complexity
google opensuse
5.0
2012-03-22 CVE-2012-1846 Exposure of Resource TO Wrong Sphere vulnerability in Google Chrome
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
network
low complexity
google CWE-668
critical
10.0