Vulnerabilities > Google > Chrome > 17.0.954.3

DATE CVE VULNERABILITY TITLE RISK
2012-03-22 CVE-2011-3057 Out-Of-Bounds Read vulnerability in Google Chrome
Google V8, as used in Google Chrome before 17.0.963.83, allows remote attackers to cause a denial of service via vectors that trigger an invalid read operation.
network
google CWE-125
4.3
2012-03-22 CVE-2011-3056 Origin Validation Error vulnerability in Google Chrome
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via vectors involving a "magic iframe."
6.8
2012-03-22 CVE-2011-3055 Missing Authentication for Critical Function vulnerability in Google Chrome
The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation before an unpacked extension installation, which allows user-assisted remote attackers to have an unspecified impact via a crafted extension.
4.3
2012-03-22 CVE-2011-3054 Improper Privilege Management vulnerability in Google Chrome
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform isolation, which allows remote attackers to bypass intended access restrictions via unspecified vectors.
4.3
2012-03-22 CVE-2011-3053 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to block splitting.
6.8
2012-03-22 CVE-2011-3052 Buffer Errors vulnerability in Google Chrome
The WebGL implementation in Google Chrome before 17.0.963.83 does not properly handle CANVAS elements, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
6.8
2012-03-22 CVE-2011-3051 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function.
6.8
2012-03-22 CVE-2011-3050 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
6.8
2012-03-10 CVE-2011-3047 Buffer Errors vulnerability in Google Chrome
The GPU process in Google Chrome before 17.0.963.79 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an error in the plug-in loading mechanism.
network
google opensuse CWE-119
critical
9.3
2012-03-09 CVE-2011-3046 Cross-Site Scripting vulnerability in Google Chrome
The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.
network
low complexity
google opensuse apple CWE-79
critical
10.0