Vulnerabilities > Google > Chrome > 9.0.587.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-13 | CVE-2012-4904 | Cross-Site Scripting vulnerability in Google Chrome Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal XSS (UXSS)" attacks against the current tab. | 4.3 |
2012-09-13 | CVE-2012-4903 | Permissions, Privileges, and Access Controls vulnerability in Google Chrome Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906. | 5.0 |
2012-06-27 | CVE-2012-2764 | Unspecified vulnerability in Google Chrome Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. | 7.2 |
2012-05-24 | CVE-2011-3115 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption." | 7.5 |
2012-05-24 | CVE-2011-3114 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls. | 7.5 |
2012-05-24 | CVE-2011-3113 | Multiple Security vulnerability in Google Chrome Prior to 19.0.1084.52 The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document. | 7.5 |
2012-05-24 | CVE-2011-3112 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. | 5.0 |
2012-05-24 | CVE-2011-3111 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors. | 5.0 |
2012-05-24 | CVE-2011-3110 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations. | 7.5 |
2012-05-24 | CVE-2011-3109 | Multiple Security vulnerability in Google Chrome Prior to 19.0.1084.52 Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI. | 7.5 |