Vulnerabilities > Google > Chrome > 4.1.249.1047
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-21 | CVE-2013-2632 | Unspecified vulnerability in Google Chrome Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code, as demonstrated by the Bejeweled game. network google | 6.8 |
| 2013-02-23 | CVE-2013-2268 | Security vulnerability in WebKit MathML Library Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | 7.5 |
| 2012-11-15 | CVE-2012-5851 | Cross-Site Scripting vulnerability in multiple products html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remote attackers to bypass a cross-site scripting (XSS) protection mechanism via a crafted string, aka rdar problem 12019108. | 4.3 |
| 2012-10-11 | CVE-2012-5376 | Improper Privilege Management vulnerability in Google Chrome The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than CVE-2012-5112. | 9.3 |
| 2012-09-13 | CVE-2012-4909 | Information Exposure vulnerability in Google Chrome Google Chrome before 18.0.1025308 on Android allows remote attackers to obtain cookie information via a crafted application. | 4.3 |
| 2012-09-13 | CVE-2012-4908 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink. | 7.5 |
| 2012-09-13 | CVE-2012-4907 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page. | 9.3 |
| 2012-09-13 | CVE-2012-4906 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4903. | 5.0 |
| 2012-09-13 | CVE-2012-4905 | Cross-Site Scripting vulnerability in Google Chrome Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universal XSS (UXSS)." | 4.3 |
| 2012-09-13 | CVE-2012-4904 | Cross-Site Scripting vulnerability in Google Chrome Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab. | 4.3 |