Vulnerabilities > Google > Chrome > 4.0.258.0

DATE CVE VULNERABILITY TITLE RISK
2013-03-21 CVE-2013-2632 Unspecified vulnerability in Google Chrome
Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game.
network
google
6.8
2013-02-23 CVE-2013-2268 Security vulnerability in WebKit MathML Library
Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue."
network
low complexity
google linux microsoft apple
7.5
2012-11-15 CVE-2012-5851 Cross-Site Scripting vulnerability in multiple products
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108.
network
apple google CWE-79
4.3
2012-10-11 CVE-2012-5376 Improper Privilege Management vulnerability in Google Chrome
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112.
network
google CWE-269
critical
9.3
2012-09-13 CVE-2012-4909 Information Exposure vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application.
network
google CWE-200
4.3
2012-09-13 CVE-2012-4908 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
network
low complexity
google CWE-264
7.5
2012-09-13 CVE-2012-4907 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.
network
google CWE-264
critical
9.3
2012-09-13 CVE-2012-4906 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903.
network
low complexity
google CWE-264
5.0
2012-09-13 CVE-2012-4905 Cross-Site Scripting vulnerability in Google Chrome
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)."
network
google CWE-79
4.3
2012-09-13 CVE-2012-4904 Cross-Site Scripting vulnerability in Google Chrome
Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab.
network
google CWE-79
4.3