Vulnerabilities > Google > Chrome > 4.1.249.1010

DATE CVE VULNERABILITY TITLE RISK
2012-09-13 CVE-2012-4904 Cross-Site Scripting vulnerability in Google Chrome
Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab.
network
google CWE-79
4.3
2012-09-13 CVE-2012-4903 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906.
network
low complexity
google CWE-264
5.0
2012-06-27 CVE-2012-2764 Unspecified vulnerability in Google Chrome
Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory.
local
low complexity
google microsoft
7.2
2012-05-24 CVE-2011-3115 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."
network
low complexity
google CWE-119
7.5
2012-05-24 CVE-2011-3114 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome
Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls.
network
low complexity
google CWE-119
7.5
2012-05-24 CVE-2011-3113 Multiple Security vulnerability in Google Chrome Prior to 19.0.1084.52
The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
network
low complexity
google
7.5
2012-05-24 CVE-2011-3112 Resource Management Errors vulnerability in Google Chrome
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document.
network
low complexity
google CWE-399
5.0
2012-05-24 CVE-2011-3111 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.
network
low complexity
google CWE-119
5.0
2012-05-24 CVE-2011-3110 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome
The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
network
low complexity
google CWE-119
7.5
2012-05-24 CVE-2011-3109 Multiple Security vulnerability in Google Chrome Prior to 19.0.1084.52
Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI.
network
low complexity
google linux
7.5