Vulnerabilities > Google > Chrome > 4.1.249.1034
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-06-15 | CVE-2010-2298 | Improper Input Validation vulnerability in Google Chrome browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions via vectors involving fchdir and chdir calls. | 10.0 |
| 2010-06-15 | CVE-2010-2297 | Code Injection vulnerability in multiple products rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. | 9.3 |
| 2010-06-15 | CVE-2010-2296 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attackers to bypass the Same Origin Policy via unknown vectors. | 9.3 |
| 2010-06-15 | CVE-2010-2295 | Improper Input Validation vulnerability in Google Chrome page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly handle a change of the focused frame during the dispatching of keydown, which allows user-assisted remote attackers to redirect keystrokes via a crafted HTML document, aka rdar problem 7018610. | 4.3 |
| 2010-06-11 | CVE-2010-1770 | Code Injection vulnerability in multiple products WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." | 9.3 |
| 2010-05-28 | CVE-2010-2110 | Unspecified vulnerability in Google Chrome Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, which has unspecified impact and remote attack vectors. | 7.5 |
| 2010-05-28 | CVE-2010-2109 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the "drag + drop" functionality. | 7.5 |
| 2010-05-28 | CVE-2010-2108 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the whitelist-mode plugin blocker via unknown vectors. | 7.5 |
| 2010-05-28 | CVE-2010-2107 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality. | 10.0 |
| 2010-05-28 | CVE-2010-2106 | Unspecified vulnerability in Google Chrome Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof the URL bar via vectors involving unload event handlers. network google | 4.3 |