Vulnerabilities > Google > Chrome > 9.0.587.0

DATE CVE VULNERABILITY TITLE RISK
2012-04-05 CVE-2011-3068 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to run-in boxes.
network
google apple CWE-416
6.8
2012-04-05 CVE-2011-3067 Origin Validation Error vulnerability in Google Chrome
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via vectors related to replacement of IFRAME elements.
network
google apple CWE-346
6.8
2012-04-05 CVE-2011-3066 Out-Of-Bounds Read vulnerability in Google Chrome
Skia, as used in Google Chrome before 18.0.1025.151, does not properly perform clipping, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google CWE-125
6.8
2012-03-30 CVE-2011-3065 Integer Overflow OR Wraparound vulnerability in Google Chrome
Skia, as used in Google Chrome before 18.0.1025.142, allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
network
google CWE-190
6.8
2012-03-30 CVE-2011-3064 USE After Free vulnerability in Google Chrome
Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.
network
low complexity
google apple CWE-416
7.5
2012-03-30 CVE-2011-3063 Improper Input Validation vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly validate the renderer's navigation requests, which has unspecified impact and remote attack vectors.
network
google CWE-20
4.3
2012-03-30 CVE-2011-3061 Improper Certificate Validation vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly check X.509 certificates before use of a SPDY proxy, which might allow man-in-the-middle attackers to spoof servers or obtain sensitive information via a crafted certificate.
network
google CWE-295
5.8
2012-03-30 CVE-2011-3060 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle text fragments, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-30 CVE-2011-3059 Out-Of-Bounds Read vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle SVG text elements, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
network
google apple CWE-125
6.8
2012-03-30 CVE-2011-3058 Cross-Site Scripting vulnerability in Google Chrome
Google Chrome before 18.0.1025.142 does not properly handle the EUC-JP encoding system, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
network
google apple CWE-79
4.3