Vulnerabilities > Google > Chrome > 8.0.552.42

DATE CVE VULNERABILITY TITLE RISK
2011-12-07 CVE-2011-4692 Permissions, Privileges, and Access Controls vulnerability in multiple products
WebKit, as used in Apple Safari 5.1.1 and earlier and Google Chrome 15 and earlier, does not prevent capture of data about the time required for image loading, which makes it easier for remote attackers to determine whether an image exists in the browser cache via crafted JavaScript code, as demonstrated by visipisi.
network
low complexity
apple google CWE-264
5.0
2011-12-07 CVE-2011-4691 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome 15.0.874.121 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code.
network
low complexity
google CWE-264
5.0
2011-09-19 CVE-2011-3234 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
low complexity
google apple CWE-125
5.0
2011-05-03 CVE-2011-1456 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."
network
low complexity
google CWE-20
6.8
2011-05-03 CVE-2011-1455 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle PDF documents with multipart encoding, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted document.
network
google CWE-125
6.8
2011-05-03 CVE-2011-1454 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the DOM id handling functionality in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML document.
network
low complexity
google CWE-416
6.8
2011-05-03 CVE-2011-1452 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 allows user-assisted remote attackers to spoof the URL bar via vectors involving a redirect and a manual reload.
network
google CWE-20
5.8
2011-05-03 CVE-2011-1451 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly handle DOM id maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
network
low complexity
google apple CWE-20
7.5
2011-05-03 CVE-2011-1450 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "dangling pointers."
network
low complexity
google CWE-20
5.0
2011-05-03 CVE-2011-1449 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the WebSockets implementation in Google Chrome before 11.0.696.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
network
low complexity
google apple CWE-416
6.8