Vulnerabilities > Google > Chrome > 4.0.249.75
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-12-22 | CVE-2010-4576 | Null Pointer Dereference vulnerability in Google Chrome and Chrome OS browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle certain postMessage calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted JavaScript code that creates a web worker. | 5.0 |
| 2010-12-22 | CVE-2010-4575 | Improper Input Validation vulnerability in Google Chrome OS and Chrome The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. | 4.3 |
| 2010-12-22 | CVE-2010-4574 | Deserialization of Untrusted Data vulnerability in Google Chrome The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 on 64-bit Linux platforms does not properly perform pointer arithmetic, which allows remote attackers to bypass message deserialization validation, and cause a denial of service or possibly have unspecified other impact, via invalid pickle data. | 7.5 |
| 2010-12-07 | CVE-2010-4494 | Double Free vulnerability in Google Chrome Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. | 7.5 |
| 2010-12-07 | CVE-2010-4493 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging events. | 4.3 |
| 2010-12-07 | CVE-2010-4492 | USE After Free vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations. | 7.5 |
| 2010-12-07 | CVE-2010-4491 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 8.0.552.215 does not properly restrict privileged extensions, which allows remote attackers to cause a denial of service (memory corruption) via a crafted extension. | 4.3 |
| 2010-12-07 | CVE-2010-4490 | Unspecified vulnerability in Google Chrome Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via malformed video content that triggers an indexing error. | 9.3 |
| 2010-12-07 | CVE-2010-4489 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebM video. | 4.3 |
| 2010-12-07 | CVE-2010-4488 | Improper Authentication vulnerability in Google Chrome Google Chrome before 8.0.552.215 does not properly handle HTTP proxy authentication, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors. | 5.0 |