Vulnerabilities > Google > Chrome > 4.0.295.0

DATE CVE VULNERABILITY TITLE RISK
2011-12-07 CVE-2011-4692 Permissions, Privileges, and Access Controls vulnerability in multiple products
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.
network
low complexity
apple google CWE-264
5.0
2011-12-07 CVE-2011-4691 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
network
low complexity
google CWE-264
5.0
2011-12-07 CVE-2010-5073 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
The JavaScript implementation in Google Chrome 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
network
low complexity
google CWE-264
5.0
2011-12-07 CVE-2010-5069 Information Exposure vulnerability in Google Chrome
The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document.
network
google CWE-200
4.3
2011-09-19 CVE-2011-3234 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
low complexity
google apple CWE-125
5.0
2011-05-03 CVE-2011-1456 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
network
low complexity
google CWE-20
6.8
2011-05-03 CVE-2011-1455 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
network
google CWE-125
6.8
2011-05-03 CVE-2011-1454 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
network
low complexity
google CWE-416
6.8
2011-05-03 CVE-2011-1452 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.
network
google CWE-20
5.8
2011-05-03 CVE-2011-1451 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
network
low complexity
google apple CWE-20
7.5