Vulnerabilities > Google > Chrome > 57.0.2987.98
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-10-27 | CVE-2017-5052 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting. | 8.8 |
2017-04-25 | CVE-2017-5051 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
2017-04-25 | CVE-2017-5050 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
2017-04-25 | CVE-2017-5049 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
2017-04-25 | CVE-2017-5048 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
2017-04-25 | CVE-2017-5047 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
2017-04-24 | CVE-2017-5046 | V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android had insufficient policy enforcement, which allowed a remote attacker to spoof the location object via a crafted HTML page, related to Blink information disclosure. | 4.3 |
2017-04-24 | CVE-2017-5045 | Cross-site Scripting vulnerability in multiple products XSS Auditor in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed detection of a blocked iframe load, which allowed a remote attacker to brute force JavaScript variables via a crafted HTML page. | 6.1 |
2017-04-24 | CVE-2017-5044 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in filter processing in Skia in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 6.3 |
2017-04-24 | CVE-2017-5042 | Missing Encryption of Sensitive Data vulnerability in multiple products Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. | 5.7 |