Vulnerabilities > Google > Chrome > 2.0.172.38
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-16 | CVE-2011-3015 | Integer Overflow OR Wraparound vulnerability in Google Chrome Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 6.8 |
2011-12-07 | CVE-2011-4692 | Permissions, Privileges, and Access Controls vulnerability in multiple products WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi. | 5.0 |
2011-12-07 | CVE-2011-4691 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. | 5.0 |
2011-09-19 | CVE-2011-3234 | Out-Of-Bounds Read vulnerability in Google Chrome Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | 5.0 |
2011-08-09 | CVE-2008-7294 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 4.0.211.0 cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
2011-05-03 | CVE-2011-1456 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers." | 6.8 |
2011-05-03 | CVE-2011-1455 | Out-Of-Bounds Read vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document. | 6.8 |
2011-05-03 | CVE-2011-1454 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document. | 6.8 |
2011-05-03 | CVE-2011-1452 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload. | 5.8 |
2011-05-03 | CVE-2011-1451 | Improper Input Validation vulnerability in Google Chrome Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers." | 7.5 |