Vulnerabilities > Google > Chrome > 6.0.476.0

DATE CVE VULNERABILITY TITLE RISK
2010-11-06 CVE-2010-4198 Improper Input Validation vulnerability in multiple products
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted HTML document.
network
low complexity
google webkitgtk fedoraproject CWE-20
8.8
2010-11-06 CVE-2010-4197 Use After Free vulnerability in multiple products
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text editing.
network
low complexity
google webkitgtk fedoraproject CWE-416
critical
9.8
2010-10-21 CVE-2010-4042 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."
network
low complexity
google opensuse CWE-20
critical
9.8
2010-10-21 CVE-2010-4041 Unspecified vulnerability in Google Chrome
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.
network
low complexity
google
critical
9.8
2010-10-21 CVE-2010-4040 Improper Input Validation vulnerability in multiple products
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.
local
low complexity
google debian opensuse CWE-20
7.8
2010-10-21 CVE-2010-4039 Unspecified vulnerability in Google Chrome
Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.
network
low complexity
google
critical
9.8
2010-10-21 CVE-2010-4038 Improper Resource Shutdown or Release vulnerability in Google Chrome
The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdown action, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
network
low complexity
google CWE-404
7.5