Vulnerabilities > Google > Chrome > 5.0.375.44

DATE CVE VULNERABILITY TITLE RISK
2010-11-06 CVE-2010-4198 Improper Input Validation vulnerability in multiple products
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
network
low complexity
google webkitgtk fedoraproject CWE-20
8.8
2010-11-06 CVE-2010-4197 Use After Free vulnerability in multiple products
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
network
low complexity
google webkitgtk fedoraproject CWE-416
critical
9.8
2010-10-21 CVE-2010-4042 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."
network
low complexity
google opensuse CWE-20
critical
9.8
2010-10-21 CVE-2010-4041 Unspecified vulnerability in Google Chrome
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
network
low complexity
google
critical
9.8
2010-10-21 CVE-2010-4040 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
local
low complexity
google debian opensuse CWE-20
7.8
2010-10-21 CVE-2010-4039 Unspecified vulnerability in Google Chrome
Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.
network
low complexity
google
critical
9.8
2010-10-21 CVE-2010-4038 Improper Resource Shutdown or Release vulnerability in Google Chrome
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
network
low complexity
google CWE-404
7.5
2010-10-05 CVE-2010-3730 Unspecified vulnerability in Google Chrome
Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web site, related to a "property pollution" issue.
network
low complexity
google
8.8
2010-10-05 CVE-2010-3729 Integer Overflow or Wraparound vulnerability in Google Chrome
The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors.
network
low complexity
google CWE-190
critical
9.8
2010-10-04 CVE-2010-1822 Incorrect Type Conversion or Cast vulnerability in multiple products
WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG element in a non-SVG document.
network
low complexity
google apple opensuse CWE-704
8.8